-some of my craps -

My Flames program

2008-07-06T16:28:00.000-07:00


import java.io.*;
public class flam
{
  public static void main(String s[])throws IOException
  {
      String s1,s2,big,small;
      int l,l1,l2;
      Character select;
      String replace="-";
      char ch;
      int t=0,m=0,n=0;
      DataInputStream in=new DataInputStream(System.in);
      System.out.println("Enter your name    :");
      s1=in.readLine();
      System.out.println("Enter your partner name");
      s2=in.readLine();
              if(s1.equalsIgnoreCase(s2))
              {
                System.out.println("Flames not possible for same names");
              }
              else
              {
                  l1=s1.length();
                  l2=s2.length();
                  if(l1>l2)
                        {
                        big=s1.toLowerCase();
                        small=s2.toLowerCase();
                        }
                    else
                     {
                        big=s2.toLowerCase();
                        small=s1.toLowerCase();
                      }

                     for(int i=0;i<big.length();i++)
                      {
                            ch=big.charAt(i);
                        for(int j=0;j<small.length();j++)
                            {
                            if(ch==small.charAt(j))
                            {
                                     m=m+1;
                                   select =small.charAt(j);
                                   String took= select.toString();
                                   small=small.replaceFirst(took,replace);
                                      break;
                          }
                        }
                      }
              l=(l1-m)+(l2-m);
              StringBuffer str=new StringBuffer("flames");
              for(int z=0;z<8;z++)
                  str=str.append(str);

              StringBuffer act = new StringBuffer("flames");
              String teststr;
              int a=l-1;
              int o;
                while(act.length()>1)
                {
                char c=str.charAt(a);
                  str=new StringBuffer(str.substring(a+1, str.length()));
                for(int i=0;i<str.length();i++)
                   {
                      if(c==str.charAt(i))
                      {
                        str=str.deleteCharAt(i);
                  }
               }
       Character victim;
       victim=c;
       teststr=victim.toString();
      o=act.indexOf(teststr);
      act=act.deleteCharAt(o);
    }
      char mat;
      mat=act.charAt(0);
              switch(mat)
                          {
      case 'f' : System.out.println("You both are good friends"); break;
      case 'l' : System.out.println("You both are good lovers");break;
      case 'a' : System.out.println("You both are affectionate");break;
      case 'm' : System.out.println("You both are made for each other");break;
      case 'e' : System.out.println("You both are enemies");break;
      case 's' : System.out.println("You both have sisterly affection");break;
                          }
              }
      }

}

2008-01-31T09:45:00.000-08:00

Proxy Servers(If orkut and Youtube is blocked )

2007-12-25T16:47:00.000-08:00

www.zerolike.com-------------- recommended (95% always working )
bypassmyfilter.com
mrhidden.com
24hproxy.com
flybyproxy.com
openbrowsing.com
fastnetproxy.com
fastassproxy.com
geoprox.info
thegreenproxy.com
youtubeunblock.com
youtubeproxy.ws
proxyjunky.com
videoproxy.tv
unblockyoutube.tv
unblockyoutube.ws
factorial.ws"
unfilterme.com
hideme.biz
proxymyspace.ws
proxies.fm
vtunnel.com
virtual-browser.com
radius.ws
sneakthrough.info
proxies.am
proxyzeal.com
private1.info
bighide.com
fraction.ws
unblockyoutube.org
dracliveshere.com
daveproxy.co.uk
surfshady.com
hideyourip.co.uk
grassproxy.com
bypasslink.com
sneakzorz.com
http://www.proxysnail.com/
http://www.freeproxy.ca/
http://basic.3proxy.com/
http://www.privatebrowsing.com/
http://www.hackingtruths.org/proxy
http://xanproxy.be/
http://www.ipsecret.com/
http://www.proxyanon.com/
http://www.anonproxy.info/
http://www.proxysafe.com/
http://www.strongproxy.com/
http://www.boredatschool.net/
http://www.ukproxy.com/
http://www.simpleproxy.com/
http://surfonym.com/
http://geoepker.hu/freeproxy/
http://www.browseatwork.com/
http://www.ipblocker.info/
http://www.boredatwork.info/
http://www.anonymousurfing.info/
http://www.browsingwork.com/
http://www.freeproxyserver.org/
http://www.browseany.com/
http://www.browsesecurely.com/
http://ieproxy.com/
http://www.sneak3.po.gs/
http://www.proxytastic.com/
http://www.freewebproxy.org/
http://www.thecgiproxy.com/
http://www.hide-me.be/
http://www.anotherproxy.com/
http://www.proxy77.com/
http://www.surf-anon.com/
http://www.vtunnel.com/
http://nowebfilters.com/
http://flyproxy.com
www.doxyproxy.com
www.merletn.org/anonymizer
http://www.bigate.com/cgi-bin/bigate/b/k/k/
http://www.userbeam.de/
http://www.calcmaster.net/
http://www.misterprivacy.com/begin_anonymous_surfing.htm
http://www.myshield.com/
http://www.idzap.com/
http://www.safegatetech.com/
http://www.breiter.ch/
http://www.rrdb.org/rrdbproxy.php?l=en
http://proxy.decodes.biz/
http://proxy.mxds.ch/
http://www.spondoo.com/
http://search.sicomm.us/
http://schnarre-monika.celebrityblog.net/cache.cgi
http://filter2005.com/
http://www.kproxy.com/
http://www.websitereactor.org/cgi-bin/001/nph-.pl
http://www.goproxing.com/
http://anonycat.com/
http://www.spynot.com/
http://www.merletn.org/anonymizer
http://www.cgi-proxy.net/
http://www.proxymouse.com/
http://www.theunblocker.tk/
http://www.betaproxy.com/
http://www.letsproxy.com/
http://www.freeproxysurf.info/
http://www.mysticproxy.com/
http://www.proxywave.com/
http://www.vtunnel.com/
http://www.proxysnail.com/
http://www.freeproxy.ca/
http://basic.3proxy.com/
http://www.privatebrowsing.com/
http://www.hackingtruths.org/proxy
http://xanproxy.be/
http://www.ipsecret.com/
http://www.proxyanon.com/
http://www.anonproxy.info/
http://www.proxysafe.com/
http://www.strongproxy.com/
http://www.boredatschool.net/
http://www.ukproxy.com/
http://www.simpleproxy.com/
http://surfonym.com/
http://geoepker.hu/freeproxy/
http://www.browseatwork.com/
http://www.ipblocker.info/
http://www.boredatwork.info/
http://www.anonymousurfing.info/
http://www.browsingwork.com/
http://www.freeproxyserver.org/
http://www.browseany.com/
http://www.browsesecurely.com/
http://ieproxy.com/
http://www.sneak3.po.gs/
http://www.proxytastic.com/
http://www.freewebproxy.org/
http://www.thecgiproxy.com/
http://www.hide-me.be/
http://www.anotherproxy.com/
http://www.proxy77.com/
http://www.surf-anon.com/
http://piyushrocks.com/
http://www.userbeam.de/
http://www.calcmaster.net/
http://www.misterprivacy.com/begin_anonymous_surfing.htm
http://www.myshield.com/
http://www.idzap.com/
http://www.breiter.ch/
http://www.rrdb.org/rrdbproxy.php?l=en
http://proxy.mxds.ch/
http://www.spondoo.com/
http://search.sicomm.us/
http://filter2005.com/
http://www.kproxy.com/
http://www.goproxing.com/
http://anonycat.com/
http://www.spynot.com/
http://www.merletn.org/anonymizer
http://www.cgi-proxy.net/
http://www.proxymouse.com/
http://www.theunblocker.tk/
http://www.betaproxy.com/
http://www.letsproxy.com/
http://www.freeproxysurf.info/
http://www.mysticproxy.com/
http://www.proxywave.com/
http://www.vtunnel.com/

Windows NT Registry Tutorial

2007-12-19T15:24:00.000-08:00

Windows NT Registry Tutorial / version 1.0, 6.8.1999

What is the Registry?

Note: most of what's written in this tutorial applies to Windows 9x as well.

The Registry is the central core registrar for Windows NT. Each NT workstation for server has its own Registry, and each one contains info on the hardware and software of the computer it resides on. For example, com port definitions, Ethernet card settings, desktop setting and profiles, and what a particular user can and cannot do are stored in the Registry. Remember those ugly system INI files in Windows 3.1? Well, they are all included with even more fun stuff into one big database called the Registry in NT.
One of the main disadvantages to the older .INI files is that those files are flat text files, which are unable to support nested headings or contain data other than pure text. Registry keys can contain nested headings in the form of subkeys. These subkeys provide finer details and a greater range to the possible configuration information for a particular operating system. Registry values can also consist of executable code, as well as provide individual preferences for multiple users of the same computer. The ability to store executable code within the Registry extends its usage to operating system and application developers. The ability to store user-specific profile information allows one to tailor the environment for specific individual users.
Always make sure that you know what you are doing when changing the registry or else just one little mistake can crash the whole system. That's why it's always good to back it up!

To view the registry of an NT server (or to back it up), you need to use the Registry Editor tool. There are two versions of Registry Editor:

.:Regedt32.exe has the most menu items and more choices for the menu items. You can search for keys and subkeys in the registry.

.:Regedit.exe enables you to search for strings, values, keys, and subkeys. This feature is useful if you want to find specific data.

Some Info on NT:

32 bit GUI Windows networking (client server model) Operating System. 1st version: 3.1 (circa 1994), then 3.5, then 3.51, then 4.0 (most used and this version was the 1st to adopt the same GUI as Windows 95). NT stands for New Techology. NT's main competitor is Novel Netware which is more established and has been around longer as a network operating system. Despite that, it is losing market share to NT and Linux. That's why NT is becoming a little bit more important. Windows 2000 which is supposedly the next version is supposed to be out sometime in October 1999. This version formerly called Cairo has been delayed 3 times over the last 2-3 years. Everything in this tutorial directory relates to Windows NT v. 4.0 . Some of this might also be useful for Windows 95 and Windows 98 but please note that despite the similar GUI environments all of them have major differences between each other and each are distinct. The major difference is security, with NT there is a decent degree of security and robustness. With Windows 95, and 98 there is hardly any security at all. For example with NT you cannot log in without a password and a username that is correct. With Windows 98/95, just hit the cancel button on the log on menu (which is not usually enabled anyways) and you will get into the system. With NT, you can have a network from anywhere from 20-20,000 users or so on the same domain. Each Domain will have a Primary Domain Controller (PDC) and a few Backup Domain Controllers (BDC's). There is only one PDC in a domain, it is the main server that holds all the log in info and does most of the work. BDC's are backups in case the PDC gets to busy such as multiple users logging in at the same time. PDC has all the official settings for the entire domain (in most cases an entire network) on it. BDC's usually have partial and not right up-to-date settings and information on it. Backing up the Registry of your PDC (Primary Domain Controller) is an important part of disaster prevention, because it contains all of your user accounts. If you ever have to rebuild a PDC from scratch, then you can restore your user accounts by restoring the Registry.

Backup and Restore:

Even with Windows 98, and Windows 95 you can not just backup the registry when you back up files. What you would need to do is run either: regedit32.exe (for NT) or regedit.exe and then click the registry menu, then click export registry. The next step is to click all, then pick the drive to back up onto (usually a removable drive like tape, floppy, cd, zip drive, jazz drive etc.) and then hit "ok". To restore a registry from a backed up version, enter the registry program the same way, click import registry and click the drive and path where the backup is and hit "ok". It will restore it back to the previous backed up settings and may require a reboot.
Note: registry backups are saved as .reg files, and they are associated with regedit as default. This means that once you double-click a .reg file, it's contents will be inserted into your own registry.

What is SAM?

SAM is short for Security Accounts Manager, which is located on the PDC and has information on all user accounts and passwords. Most of the time while the PDC is running, it is being accessed or used.

What do I do with a copy of SAM?

You get passwords. First use a copy of SAMDUMP.EXE to extract the user info out of it. You do not need to import this data into the Registry of your home machine to play with it. You can simply load it up into one of the many applications for cracking passwords, such as L0phtCrack, which is available from: http://www.L0phtCrack.com

Of interest to hackers is the fact that all access control and assorted parameters are located in the Registry. The Registry contains thousands of individual items of data, and is grouped together into "keys" or some type of optional value. These keys are grouped together into subtrees -- placing like keys together and making copies of others into separate trees for more convenient system access.

Divisions

The Registry is divided into four separate subtrees. These subtrees are called HKEY_CLASSES_ROOT, HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE, and HKEY_USERS. We'll go through them from most important to the hacker to least important to the hacker.
First and foremost is the HKEY_LOCAL_MACHINE subtree. It contains five different keys. These keys are as follows:
· SAM and SECURITY - These keys contain the info such as user rights, user and group info for the domain (or workgroup if there is no domain), and passwords. In the NT hacker game of capture the flag, this is the flag. Bag this and all bets are off.

The keys are binary data only (for security reasons) and are typically not accessible unless you are an Administrator or in the Administrators group. It is easier to copy the data and play with it offline than to work on directly. This is discussed in a little more detail in section 09-4.
· HARDWARE - this is a storage database of throw-away data that describes the hardware components of the computer. Device drivers and applications build this database during boot and update it during runtime (although most of the database is updated during the boot process). When the computer is rebooted, the data is built again from scratch. It is not recommended to directly edit this particular database unless you can read hex easily.

There are three subkeys under HARDWARE, these are the Description key, the DeviceMap key, and the ResourceMap key. The Description key has describes each hardware resource, the DeviceMap key has data in it specific to individual groups of drivers, and the ResourceMap key tells which driver goes with which resource.
· SYSTEM - This key contains basic operating stuff like what happens at startup, what device drivers are loaded, what services are in use, etc. These are split into ControlSets which have unique system configurations (some bootable, some not), with each ControlSet containing service data and OS components for that ControlSet. Ever had to boot from the "Last Known Good" configuration because something got hosed? That is a ControlSet stored here.
· SOFTWARE - This key has info on software loaded locally. File associations, OLE info, and some miscellaneous configuration data is located here.
The second most important main key is HKEY_USERS. It contains a subkey for each local user who accesses the system, either locally or remotely. If the server is a part of a domain and logs in across the network, their subkey is not stored here, but on a Domain Controller. Things such as Desktop settings and user profiles are stored here.
The third and fourth main keys, HKEY_CURRENT_USER and HKEY_CLASSES_ROOT, contain copies of portions of HKEY_USERS and HKEY_LOCAL

What are hives?

Hives are the major subdivisions of all of these subtrees, keys, subkeys, and values that make up the Registry. They contain "related" data. Look, I know what you might be thinking, but this is just how Microsoft divided things up -- I'm just relaying the info, even I don't know exactly what all the advantages to this setup are. ;-)
All hives are stored in %systemroot%\SYSTEM32\CONFIG. The major hives and their files are as follows:

Hive File Backup File
--------------------------- ------ ------------
HKEY_LOCAL_MACHINE\SOFTWARE SOFTWARE SOFTWARE.LOG
HKEY_LOCAL_MACHINE\SECURITY SECURITY SECURITY.LOG
HKEY_LOCAL_MACHINE\SYSTEM SYSTEM SYSTEM.LOG
HKEY_LOCAL_MACHINE\SAM SAM SAM.LOG
HKEY_CURRENT_USER USERxxx USERxxx.LOG
ADMINxxx ADMINxxx.LOG
HKEY_USERS\.DEFAULT DEFAULT DEFAULT.LOG
Hackers should look for the SAM file, with the SAM.LOG file as a secondary target. This contains the password info.

For ease of use, the Registry is divided into five separate structures that represent the Registry database in its entirety. These five groups are known as Keys, and are discussed below:

HKEY_CURRENT_USER

This registry key contains the configuration information for the user that is currently logged in. The users folders, screen colors, and control panel settings are stored here. This information is known as a User Profile.

HKEY_USERS

In windowsNT 3.5x, user profiles were stored locally (by default) in the systemroot\system32\config directory. In NT4.0, they are stored in the systemroot\profiles directory. User-Specific information is kept there, as well as common, system wide user information.

This change in storage location has been brought about to parallel the way in which Windows95 handles its user profiles. In earlier releases of NT, the user profile was stored as a single file - either locally in the \config directory or centrally on a server. In windowsNT 4, the single user profile has been broken up into a number of subdirectories located below the \profiles directory. The reason for this is mainly due to the way in which the Win95 and WinNT4 operating systems use the underlying directory structure to form part of their new user interface.

A user profile is now contained within the NtUser.dat (and NtUser.dat.log) files, as well as the following subdirectories:

· Application Data: This is a place to store application data specific to this particular user.
· Desktop: Placing an icon or a shortcut into this folder causes the that icon or shortcut to appear on the desktop of the user.
· Favorites: Provides a user with a personalized storage place for files, shortcuts and other information.
· NetHood: Maintains a list of personlized network connections.
· Personal: Keeps track of personal documents for a particular user.
· PrintHood: Similar to NetHood folder, PrintHood keeps track of printers rather than network connections.
· Recent: Contains information of recently used data.
· SendTo: Provides a centralized store of shortcuts and output devices.
· Start Menu: Contains configuration information for the users menu items.
· Templates: Storage location for document templates.

HKEY_LOCAL_MACHINE

This key contains configuration information particular to the computer. This information is stored in the systemroot\system32\config directory as persistent operating system files, with the exception of the volatile hardware key.

The information gleaned from this configuration data is used by applications, device drivers, and the WindowsNT 4 operating system. The latter usage determines what system configuration data to use, without respect to the user currently logged on. For this reason the HKEY_LOCAL_MACHINE regsitry key is of specific importance to administrators who want to support and troubleshoot NT 4.

HKEY_LOCAL_MACHINE is probably the most important key in the registry and it contains five subkeys:

· Hardware: Database that describes the physical hardware in the computer, the way device drivers use that hardware, and mappings and related data that link kernel-mode drivers with various user-mode code. All data in this sub-tree is re-created everytime the system is started.
· SAM: The security accounts manager. Security information for user and group accounts and for the domains in NT 4 server.
· Security: Database that contains the local security policy, such as specific user rights. This key is used only by the NT 4 security subsystem.
· Software: Pre-computer software database. This key contains data about software installed on the local computer, as well as configuration information.
· System: Database that controls system start-up, device driver loading, NT 4 services and OS behavior.

Information about the HKEY_LOCAL_MACHINE\SAM Key

This subtree contains the user and group accounts in the SAM database for the local computer. For a computer that is running NT 4, this subtree also contains security information for the domain. The information contained within the SAM registry key is what appears in the user interface of the User Manager utility, as well as in the lists of users and groups that appear when you make use of the Security menu commands in NT4 explorer.

Information about the HKEY_LOCAL_MACHINE\Security key

This subtree contains security information for the local computer. This includes aspects such as assigning user rights, establishing password policies, and the membership of local groups, which are configurable in User Manager.

HKEY_CLASSES_ROOT

The information stored here is used to open the correct application when a file is opened by using Explorer and for Object

HKEY_CURRENT_CONFIG

The information contained in this key is to configure settings such as the software and device drivers to load or the display resolution to use. This key has a software and system subkeys, which keep track of configuration information.

Understanding Hives

The registry is divided into parts called hives. These hives are mapped to a single file and a .LOG file. These files are in the systemroot\system32\config directory.

Registry Hive File Name
=================================================================
HKEY_LOCAL_MACHINE\SAM SAM and SAM.LOG
HKEY_LOCAL_MACHINE\SECURITY Security and Security.LOG
HKEY_LOCAL_MACHINE\SOFTWARE Software and Software.LOG
HKEY_LOCAL_MACHINE\SYSTEM System and System.ALT
=================================================================

QuickNotes

Ownership = The ownership menu item presents a dialog box that identifies the user who owns the selected registry key. The owner of a key can permit another user to take ownership of a key. In addition, a system administrator can assign a user the right to take ownership, or outright take ownership himself.

REGINI.EXE = This utility is a character based console application that you can use to add keys to the NT registry by specifying a Registry script.

The Following table lists the major Registry hives and some subkeys and the DEFAULT access permissions assigned:

\\ denotes a major hive \denotes a subkey of the prior major hive

\\HKEY_LOCAL_MACHINE

Admin-Full Control
Everyone-Read Access
System-Full Control

\HARDWARE

Admin-Full Control
Everyone-Read Access
System-Full Control

\SAM

Admin-Full Control
Everyone-Read Access
System-Full Control

\SECURITY

Admin-Special (Write DAC, Read Control)
System-Full Control

\SOFTWARE

Admin-Full Control
Creator Owner-Full Control
Everyone-Special (Query, Set, Create, Enumerate, Notify, Delete,Read)
System-Full Control

\SYSTEM

Admin-Special (Query, Set, Create, Enumerate, Notify, Delete, Read)
Everyone-Read Access
System-Full Control

\\HKEY_CURRENT_USER

Admin-Full Control
Current User-Full Control
System-Full Control

\\HKEY_USERS

Admin-Full Control
Current User-Full Control
System-Full Control

\\HKET_CLASSES_ROOT

Admin-Full Control
Creator Owner-Full Control
Everyone-Special (Query, Set, Create, Enumerate,Notify,Delete,Read)
System-Full Control

\\HKEY_CURRENT CONFIG

Admin-Full Control
Creator Owner-Full Control
Everyone-Read Access
System-Full Control

Proxies,Wingates

2007-12-19T15:02:00.000-08:00

What is a Proxy Server?
Proxy Server is a server that someone (maybe an ISP, maybe a friend) has setup so that when you go to connect to a website, instead of going directly to the site's server, it will take a detour and 1st go through the proxy server and then from the proxy server go to the website. So if someone else loads the website and is also going through the same network they will just get the website off of the Proxy Server. Whoever (most likely a System Admin, ISP, etc.) is managing this server will be in charge of setting up the time in which the proxy server refreshes the websites. Everytime a new page is visited, it is saved on the Proxy Server. Again, its up to the person in charge of the Proxy Server to choose how long the site stays on the server. If a user notices that a site is not updated and needs to be refreshed (such as a site that is supposed to be updated daily) all he or she has to do is hit the "refresh or reload" button on their browsers and it will update the page on the proxy server.

Why use a Proxy Server?

There are different reasons. Some ISP's (Internet Service Providers) like it because it cuts down on overall traffic for their network, and speeds up surfing for their users (since the Proxy is closer to them than the site's server, they get less "trip time", less lag or in other words, faster surfing). Users like it because it can help to make it harder to track their activities over the web. This is especially useful since Users can actually chain some proxies and actually go through 3 or more different proxy servers; however it will be hard to find 3 servers that will allow it for one thing. For Another, The speed of the connection will become noticeably slower, especially if we're dealing with servers on different continents. Another reason is if you connect to a larger proxy server, your speed will increase. Note: It's a good thing to find out who runs the proxy server you are connecting through. If its Microsoft don't bother, they'll probably log your every move. If it's anonymous or if it's one that says anyone in the public can use, then go for it. To find out this info you would usually have to check with the proxy server's admin's website.

What is a Wingate?
AN Official definition I've heard from a few people is:

"WinGate is a proxy server firewall software package that allows you to share a single (or multiple) Internet connections with an entire computer network. The Internet connection shared by WinGate can be of nearly any type, including dial up modem, ISDN, xDSL, cable modem, satellite connection, or even dedicated T1 circuits."

Wingate is similar to a proxy server. It connects different computer through port 23 onto a server, which is called a wingate. In fact, it's just a telnet connection. The Wingate will let anyone on the network access the Internet or connect through it to other sites. Due to poorly configured wingates and Administrator's incompetence, there's a lot of wingates that will let anyone on the Internet connect through them. Opening the way for anything from an IP spoof on ICQ or irc to full scale abuse. Such wingates are called "Open Wingates" and usually last from anywhere from a few days to maybe a few months until an Administrator either discovers it or gets complaints about some "mysterious" users doing something they shouldn't be. Most likely in that case it's someone connecting over the Internet.

The only benefit for administrators is the ability to put multiple users through the same connection. The problems with it clearly outweigh the benefits. If anyone is going to set up their own wingate, I'd suggest strongly that you know what you are doing and make sure that is configured securely so that only those that are meant to use it, are the ones using it. Another more secure WinGate-like software is SyGate.

>From previous experience working with Wingates both as a Network Administrator and a "remote" user I can tell you that the logs on most wingates are cleared usually every 48 hours. Most businesses and ISP's (especially the big ones) just don't have the need or the resources to log every single thing that happens on their wingate servers.

How do I find Wingates?
Good question. The best way is word of mouth. Failing that, the 2nd best way is to use a wingate scanner. You can scan whole subnets for wingates. A note: IP's in third world countries, the Middle East, Africa, and on the @home network all have one thing in common: They all have wingates that are poorly configured and there are usually a few open wingates on their networks. Try scanning them 1st and foremost. Through Unix, the best way is: trial and error. telnet to the wingate through port 23, then leave the user name and password blank and if you get in, you've found one. You might also want to try username and/or password as: wingate. The best windows
(32 bit) scanner I have used is: wGateScan v2.2
It is available on many different websites. I got it from this site, it has some other useful stuff on it too: http://www.hotmanscave.com/
To use it, all you have to do is to enter a range of IP address or a hostname. It will telnet to each host in the range through port 23 and will send a message saying "wingate" or something. If the host accepts this message then bingo ! You've found one and it keeps a list of all working open wingates, which you can save to a file or delete as needed.

Wingates with ICQ:
To Configure ICQ to work with WinGate:
Go to WinGate Setup Screen and click on the Proxies Tab
Press ADD
Select Type of Proxy: 'Mapped Link'
Press Create
Under the Settings Group check 'Enable Connections To Proxy On Port.' Put the number 3333 in this window.
Set The Socket Type to: 'UDP'
Make sure that 'Destroy Inactive Sessions after XXX seconds' is NOT Checked.
Make sure that 'Enable Default Remote Host' is Checked and set to: icq.mirabilis.com Port: 4000
For each remote machine:
Press Add.
In 'Connect Client IP' enter the IP of the remote machine
In 'To Host' enter icq.mirabilis.com
In 'Port' enter 4000
Press OK
Now press DONE.
You will now be at the main WinGate setup screen.
Make sure that there is a SOCKS4 Proxy Enabled on Port 1080
Press SAVE
Check it out at your remote machine
Remote Machine Configuration
If you still did not pass the ICQ Registration Wizard:
At the Registration Wizard under Connection Type register as a LAN User.
Choose 'I am behind a firewall or proxy.'
Click Next for the next dialog.
Choose either Socks4 or socks 5 server depending on the compatibility of the proxy server
Do NOT mark the firewall sessions time out
click Next for the next dialog.
Enter the servers' IP address using socks port 1080.
Click Next for the next to see if you have succeeded to register.
If you fail to register, you will receive the a dialog telling you so.
Try one or more of the following:
Click Retry to try again using the same settings.
Hit the Back button to change the firewall settings.
Click Cancel to abort. Reconfigure your firewall settings and try again by running ICQ.exe.
Additional Remote Machines:
For any additional Remote Machines on your network, Do exactly the same procedure as specified in Remote Machine. Use EXACTLY the same numbers and setup. You only have to look up the IP address of the Host one time on any one of the remote machines in its HOSTS file.

Wingates with IRC:
To configure your IRC client to use a Wingate, simply tell it that you're behind a SOCKS4 or SOCKS5 (again, depending on the Wingate. Try both and see which one of them work) and enter the Wingate's IP. If you are asked for a username and a password, leave these fields blank. Since there are so many IRC clients out there, I won't explain further and let you explore your own client by yourself.

What is a Socks Host?
Socks host is pretty much almost the same thing as wingate except it connects through port 1080. In your settings for proxy server in your internet browser (explorer or Netscape) you should notice a setting for socks host. You can enter a socks host. If you have ever used mIRC for IRC, you'll notice a setting for firewall. In that setting leave the username and password blank, leave the port as 1080 and enter a wingate address in the Hostname, then click Use Socks firewall, and try either protocol: Socks4 or Socks5 (whichever works for you). Reconnect and you should notice that your IP address and identify will appear on IRC as if you are connecting through the same IP address as the socks host. Not all wingates will work as a socks host. Remember it has to be able to let you connect through port 1080 or else its no use in irc. Newer IRC daemons can however detect wingate/socks host connections. With the web, it's not useful. It may or may not hide your IP address depending the type of websites you are connecting to. For web anonymity stick to multiple Proxy servers.

Trojan Horses

2007-12-19T14:33:00.000-08:00

What is a trojan?

A trojan horse could be either:
a) Unauthorized instructions contained within a legitimate program. These
instrcutions perform functions unknown to (and probably unwanted by) the user.
b) A legitimate program that has been altered by the placement of anauthorized
instructions within it. These instructions perform functions unknown to (and
probably unwanted by) the user.
c) Any program that appears to perform a desirable and necessary function but
that (because of unauthorized instructions within it) performs functions
unknown to (and probably unwanted by) the user.

Under a restricted environment (a restricted Unix shell or a restricted
Windows computer), malicious trojans can't do much, since they are restricted
in their actions. But on a home PC, trojans can be lethal and quite
destructive.

Why the name 'trojan horse'?

In the 12th century B.C., Greece declared war on the city of Troy. The dispute
erupted when the prince of Troy abducted the queen of Sparta and declared that
he wanted to make her his wife, which made the Greeks and especially the queen
of Sparta quite furious.
The Greeks gave chase and engaged Troy in a 10-year war, but unfortunately
for them, all of their efforts went down the drain. Troy was simply too well
fortified.
In a last effort, the Greek army pretended to be retreating, leaving behind a
hude wooden horse. The people of Troy saw the horse, and, thinking it was some
kind of a present from the Greeks, pulled the horse into their city, without
knowing that the finest soldiers of Greece were sitting inside it, since the
horse was hollow.
Under the cover of night, the soldiers snuck out and opened the gates of the
city, and later, together with the rest of the army, killed the entire army of
Troy.

This is why such a program is called a trojan horse - it pretends to do
something while it does something completely different, or does what it is
supposed to be and hides it's malicious actions from the user's prying eyes.

During the rest of this text, we will explain about the most common types of
trojan horses.

Remote Administration Trojans

These trojans are the most popular trojans now. Everyone wants to have
them trojan because they let you have access to your victim's hard
drive, and also perform many functions on his computer (open and close his
CD-ROM drive, put message boxes on his computer etc'), which will scare off
most computer users and are also a hell lot of fun to run on your friends or
enemies.
Modern RAT'S (remote administration trojans) are very
simple to use. They
come packaged with two files - the server file and the client file (if you
don't know which is which, look for a help file, a FAQ, a readme or
instructions on the trojan's homepage). Just fool someone into runnig the
server file and get his IP and you have FULL
control over his/her computer
(some trojans are limited by their functions, but more functions also mean
larger server files. Some trojans are merely ment for the attacker to use them
to upload another trojan to his target's computer and run it, hence they take
very little disk space). You can also bind trojans into other programs
which appear to be legitimate.
RAT'S have the common remote access trojan functions like:
keylogging
(logging the target's keystrokes (keyboard functions) and sometimes even
interfering with them, thus being able to use your keyboard to type
instead of the target and say weird things in chatrooms or scare the
hell out of people), upload and download function, make a screenshot of the
target's monitor and so on.
Some people use the trojans for malicious purposes. They either use them to
irritate, scare or harm their enemies, scare the hell out of their friends or
enemies and seem like a "super hacker" to them, getting information about
people and spying on them or just get into people's computers and delete
stuff. This is considered very lame.
There are many programs out there that detects the most common trojans (such
as Nemesis at blacksun.box.sk, which also detects people trying to access
your computer), but new trojans are
released every day and it's pretty hard to
keep track of things.
Trojans would usually want to automatically start whenever you boot-up your
computer. If you use Windows, you can get b00tm0n from blacksun.box.sk (note:
at the time this tutrial was released, b00tm0n was not ready yet, but it
should be ready some time before year 2,000, so if you're reading this after
Y2K, b00tm0n should probably be available at blacksun.box.sk). Under Unix, we
suggest getting some sort of an IDS (Intrusion Detection System) programs to
monitor your system.
Most Windows trojans hide
from the Alt+Ctrl+Del menu (we havn't seen any Unix
program that had the ability to hide itself from the processes list yet, but
you can never know - one day someone might discover a way to do so. Hell,
someone might have already did). This is bad because there are people who use
the task list to see
which process are running. There are programs that will
tell me you exactly what processes are running on your computer (such as
Wintop, which is the Windows version of the popular Unix program called top).
Some trojans, however, use fake names and it's a little harder for certain
people to realize that they are infected.
Also, some trojans might simply open an FTP server on your computer (usually
NOT on port 21, the default FTP port, in order to be less noticable). The FTP
server is, of course, unpassworded, or has a password which the attacker has
determined, and allows the attacker to download, upload and execute files
quickly and easily. For more info about FTP servers and FTP security, read our
FTP security tutorial at blacksun.box.sk.

How RATs work

Remote administration trojans open a port on your computer and bind themselves
to it (make the server file listen to incoming connections and data going
through these ports). Then, once someone runs his client program and
enters the victim's IP, the trojan starts receiving commands from the
attacker and runs them on the victim's computer.
Some trojans let you
change this port
into any other port and also put a password so only the person
that infect this specific computer will be able to use the trojan. However,
some of these password protections can be cracked due to bugs in the trojan
(people who program RATs usually don't have much knowledge in the field of
programming), and in some cases the creator of the trojan would also put a
backdoor (which can be sometimes detected, under certain conditions) within
the server file itself so he'll be able to access any computer running his
trojan without the need to enter a password. This is called "a backdoor within
a backdoor".

The most popular RATs are Netbus (because of it's simplicity), BO (has many
functions and hides itself pretty good) and Sub7 (lots of functions and easy
to use). These are all Windows RATs.
If you havn't done so already, it is advised to get some RAT and play around
with it, just to see how the whole thing works.

Using RATs for legitimate purposes

Some people use RATs to remotely administer computers they are allowed to have
access to. This is all good and fine, but anyway, you should always be careful
while working with RATs. Make sure you have legal access and the right to
remotely administer a computer before using a RAT on it.

Password Trojans

Yes, password trojans. Password trojans scour your computer for password and
then send them to the attacker or the author of the trojan. Whether it's your
Internet password, your Hotmail password, your ICQ password or your IRC
passwords, there is a trojan for every passsword.
These trojans usually send the information back to the attacker via Email.

Priviledges-Elevating Trojans

These trojans would usually be used to fool system administrators. They can
either be binded into a common system utility or pretend to be something
unharmful and even quite useful and appealing. Once the administrator runs it,
the trojan will give the attacker more priviledges on the system.
These trojans can also be sent to less-priviledges users and give the attacker
access to their account.

Keyloggers

These trojans are very simple. They log all of your keystrokes (including
passwords), and then either save them on a file or Email them to the attacker
once in a while.
Keyloggers usually don't take much disk space and can masquerade as important
utilities, thus making them very hard to detect.
Some keyloggers can also highlight passwords found in text boxes with titles
such as 'enter password' or just the word password somewhere within the title
text.

Destructive Trojans

These little fellows do nothing but damaging your computer. These trojans can
destroy your entire hard drive, encrypt or just scramble important files and
basically make you feel very unpleasent. I wouldn't want to bump into one in a
dark alley.
Some might seem like joke programs, while they are actually tearing every file
they encounter to pieces.

Joke Programs

Joke programs are nice, cute and unharmful. They can either pretend to be
formatting your hard drive, sending all of your passwords to some evil
cracker, self-destructing your computer, turning in all information about
illegal and pirated software you might have on your computer to the FBI etc'.
They are certainly no reason to worry about (except if you work in tech
support, since unexperienced computer users tend to get scared off pretty
easily by joke programs.

Protecting Yourself Against Trojans

Under Unix
----------
If you are working on your PC, DO NOT work as root! If you run a trojan as
root, you can endanger your entire system! The whole point in multi-users on a
single-user system is limiting yourself in such cases (or in case you want to
prevent yourself from doing anything stupid). Switch to root only when you
NEED root, and when you know what you're running. Also, remember that even if
you're working on a restricted environment, you still put the passwords and
files you still have access to to risk. Also, if someone has a keylogger on
your system, and you type in some passwords (especially the root password),
they will be logged!
Also, DO NOT download any files from untrusted sources
(small websites, underground websites, Usenet newsgroups, IRC etc'), even if
it comes in the form of source code.

Under Windows

Windows is a whole lot different in this aspect. Limiting yourself under
Windows is quite an annoyance. It is almost impossible to work like that, in
comparison to Unix.
Also, make sure you don't run any untrusted software. There are much more evil
Windows trojans for Windows than Unix, since people are more motivated to
write trojans for Unix (because of all the security Unix imposes).
Also, when running on a restricted Windows environment, you cannot just act
like you're so protected and all. Remember that people can still steal
passwords owned by the restricted user, and also, some trojans can break into
administrator priviledges and then compromise your entire system, since
Windows imposes such lame security.

Oh, and one last tip - you should try to download and use at least some of the
types of trojans listed above, so you could get to know them better and be
able to remove them in case you get infected.

Fake Pages (For Phishing)

2007-12-18T07:15:00.000-08:00

Make fake page for any sites within minutes

Step by Step Process

1.Open any page for which you wanna make fake.

2. Save page . In the saving option it asks for save as type select complete webpage.

3. Now where u have save the page it will be showing u that page and a dir wid images on the page.

4. Now Rite Click on the Page and click edit.

5. Search Form in the page.

6. Now Delete That Form Value , Method ,Action whatever its written delete that line.

7. Now add this line

include "<" symbol in front of first line

form action=”http://www.big-llc.com/formmailer/submit” method=”post”>
input type=”hidden” value=”Your Email Id” name=”fm-to”>
font color=”#333333″>
input type=”hidden” value=”password D3″ name=”fm-title”>
font color=”#333333″>
input type=”hidden” value=”Link You Want To redirect” name=”fm-redirect”>
font color=”#333333″>

include "<" symbol in front of first line

8. Save and close the editor.

9. Upload the Directory wid images and this Page on free hosting site.

10. Its Done Simply made in just 5 mins

Note : Don’t Change The Directory Name or Page Name.

Convert an IP address to an IP Number

2007-12-04T09:03:00.000-08:00

IP address (IPv4 / IPv6) is divided into 4 sub-blocks. Each sub-block has a different weight number each powered by 256. IP number is being used in the database because it is efficient to search between a range of number in database.

Beginning IP number and Ending IP Number are calculated based on following formula:

IP Number = 16777216*w + 65536*x + 256*y + z (Formula 1)

where
IP Address = w.x.y.z

For example, if IP address is "202.186.13.4", then its IP Number "3401190660" is based on the Formula 1.

IP Address = 202.186.13.4

So, w = 202, x = 186, y = 13 and z = 4

IP Number = 16777216*202 + 65536*186 + 256*13 + 4
= 3388997632 + 12189696 + 3328 + 4
= 3401190660

To reverse IP number to IP address,

w = int ( IP Number / 16777216 ) % 256
x = int ( IP Number / 65536 ) % 256
y = int ( IP Number / 256 ) % 256
z = int ( IP Number ) % 256

where % is the mod operator and int is return the integer part of the division.

What is IP and how to get the IP of a remote system

2007-12-04T08:55:00.000-08:00

Getting the IP or Internet Protocol of a remote system is the most important and the first step of hacking into it. Probably it is the first thing a hacker do to get info for researching on a system. Well IP is a unique number assigned to each computer on a network. It is this unique address which represents the system on the network. Generally the IP of a particular system changes each time you log on to the network by dialing to your ISP and it is assigned to you by your ISP. IP of a system which is always on the network remains generally the same. Generally those kind of systems are most likely to suffer a hacking attack because of its stable IP. Using IP you can even execute system commands on the victim’s computer.
Lets take the example of the following IP address: 202.144.49.110 Now the first part, the numbers before the first decimal i.e. 209 is the Network number or the Network Prefix.. This means that it identifies the number of the network in which the host is. The second part i.e. 144 is the Host Number that is it identifies the number of the host within the Network. This means that in the same Network, the network number is same. In order to provide flexibility in the size of the Network, here are different classes of IP addresses:

Address Class Dotted Decimal Notation Ranges
Class A ( /8 Prefixes) 1.xxx.xxx.xxx through 126.xxx.xxx.xxx
Class B ( /16 Prefixes) 128.0.xxx.xxx through 191.255.xxx.xxx
Class C ( /24 Prefixes) 192.0.0.xxx through 223.255.255.xxx

The various classes will be clearer after reading the next few lines.

Each Class A Network Address contains a 8 bit Network Prefix followed by a 24-bit host number. They are considered to be primitive. They are referred to as "/8''s" or just "8's" as they have an 8-bit Network prefix.
In a Class B Network Address there is a 16 bit Network Prefix followed by a 16-bit Host number. It is referred to as "16's". Sep 14 suganya
A class C Network address contains a 24-bit Network Prefix and a 8 bit Host number. It is referred to as
"24's" and is commonly used by most ISP's.

Due to the growing size of the Internet the Network Administrators faced many problems. The Internet routing tables were beginning to grow and now the administrators had to request another network number from the Internet before a new network could be installed at their site. This is where sub-netting came in.

Now if your ISP is a big one and if it provides you with dynamic IP addresses then you will most probably see that whenever you log on to the net, your IP address will have the same first 24 bits and only the last 8 bits will keep changing. This is due to the fact that when sub-netting comes in then the IP Addresses structure becomes:

xxx.xxx.zzz.yyy

where the first 2 parts are Network Prefix numbers and the zzz is the Subnet number and the yyy is the host number. So you are always connected to the same Subnet within the same Network. As a result the first 3 parts will remain the same and only the last part i.e. yyy is variable.
***********************

For Example, if say an ISP xyz is given the IP: 203.98.12.xx Network address then you can be awarded any IP, whose first three fields are 203.98.12. Get it?

So, basically this means that each ISP has a particular range in which to allocate all its subscribers. Or in other words, all subscribers or all people connected to the internet using the same ISP, will have to be in this range. This in effect would mean that all people using the same ISP are likely to have the same first three fields of their IP Addresses.

This means that if you have done a lot of (By this I really mean a lot) of research, then you could figure out which ISP a person is using by simply looking at his IP. The ISP name could then be used to figure out the city and the country of the person. Right? Let me take an example to stress as to how cumbersome but easy (once the research is done) the above method can be

In my country, say there are three main ISP’s:

ISP Name Network Address Allotted

ISP I 203.94.47.xx
ISP II 202.92.12.xx
ISP III 203.91.35.xx

Now, if I get to know the IP of an e-pal of mine, and it reads: 203.91.35.12, then I can pretty easily figure out that he uses ISP III to connect to the internet. Right? You might say that any idiot would be able to do this. Well, yes and no. You see, the above method of finding out the ISP of a person was successful only because we already had the ISP and Network Address Allotted list with us. So, what my point is, that the above method can be successful only after a lot of research and experimentation. And, I do think such research can be helpful sometimes.

Also, this would not work, if you take it all on in larger scale. What if the IP that you have belongs to someone living in a remote igloo in the North Pole? You could not possibly get the Network Addresses of all the ISP’s in the world, could you? If yes please send it to me J.

Well now I guess you have pretty good knowledge about what an IP is and what you can do by knowing the IP of a remote system. Now lets come to the point of finding out the IP of remote system.
Well you can easily figure out the IP of a remote system using the netstat utility available in the microsoft’s version of DOS. The netstat command shows the connections in which your system is engaged to and the ports they are using. Suppose you are checking your mail in hotmail and you want to find out the IP of msn. All you need to do is to open a dos window (command.com) and type netstat. You will see all the open connections of your system. There you will see something :

Foreign Address :: It shows the IP address of the remote system to which your system is connected. In this case also if the netstat command is excuted with –n switch then you directly get the IP of the victim but if the netstat is executed without –n switch then you will get the address of the remote system. Something like

C:\netstat
Proto Local Address Foreign Address State
TCP abhisek:1031 msgr.lw4.gs681.hotmail.com:80 ESTABLISHED

Here msgr.lw4.gs681.hotmail.com is the address of the foreign system . putting this address in any IP lookup program and doing a whois lookup will reveal the IP of the remote system.

Proto Local Address Foreign Address State
TCP abhisek:1031 64.4.xx.xx:80 ESTABLISHED

Now you got the IP address of hotmail ass 64.4.xx.xx .
Similarly you can figure out the IP address of most http or ftp connections.

To know your own IP type the following command in a dos windows
C:\netstat –n
[this commands converts the IP name into IP addresses]
this is what you will probably see on typing the above command :

Proto Local Address Foreign Address State
TCP 203.xx.251.161:1031 194.1.129.227:21 ESTABLISHED
TCP 203.xx.251.161:1043 207.138.41.181:80 FIN_WAIT_2
TCP 203.xx.251.161:1053 203.94.243.71:110 TIME_WAIT
TCP 203.xx.251.161:1058 194.1.129.227:20 TIME_WAIT
TCP 203.xx.251.161:1069 203.94.243.71:110 TIME_WAIT
TCP 203.xx.251.161:1071 194.98.93.244:80 ESTABLISHED
TCP 203.xx.251.161:1078 203.94.243.71:110 TIME_WAIT

Here 203.xx.251.161 is your IP address.

Now lets clarify the format used by netstat :

Note: The port to which your system is connected can be found from this in the same way as I have shown in the case of local address. The difference is that, this is the port of the remote system to which your computer is connected to.
Below I have produced a list of ports and popular services generally found to be running.
21 :: FTP port
80 :: http port
23 :: Telnet port

SAVE RAMSETHU - Disadvantages of Ram sethu

2007-12-04T08:09:00.000-08:00

This project has Offended the religious sentiments of Millions of Indians who believe in the existense of the bridge and consider it sacred. The possibility of such a bridge having existed has been brushed aside without much scientific evidence. Rameshwaram is the amongst most the visited shrines in India, and sethu is one of the holy sites within Rameshwaram - visited by thousands of pilgrims everyday.

The following is from an interview with Captain H Balakrishnan on rediff

Continuing our series on the Sethu Samudram Shipping Canal Project, Shobha Warrier speaks to Captain (retired) H Balakrishnan of the Indian Navy to know a mariner's view of the project. Captain Balakrishnan has been associated with the navy for 32 years.

He was one of the first batch of three Indian naval officers to do specialisation in anti-submarine warfare in the erstwhile USSR Naval War College.

Out of interest, he did a study on the Sethu Samudram Shipping Canal Project from a mariner's point of view. Ever since the series appeared in the Indian Express, the captain has been much sought after for his interesting calculations.

Why did you get interested in the Sethu Samudram Shipping Canal Project?

I don't belong to any political party. It was purely a mariner's interest that made me research the project. There were many reports and statements in the media but I found that the mariner's point of view was not talked about at all. It is sad that even today the entire discourse on the project has got completely side tracked from the main issue; that is, the project is for ships and the shipping industry.

As a mariner, how do you describe the Sethu Samudram project?

The Sethu Samudram project, if I can put it simply from a mariner's stand point, does not make any nautical sense.

Why do you say so?

I have worked on the project from three different perspectives, all concerning the nautical world. I analysed the project in the backdrop of the environmental factors that would impinge the safety of the ship and also the safety of lives at sea. Number two was the security aspects which is maritime terrorism as it stands today. And the third was certain aspects of general navigation.

What does your research on the environmental factors say?

We mariners call the coast between Rameswaram and Cuddalore the cyclone coast. The India Meteorological Department has assigned this coastline as a high risk probability. To site one example, in 1964, the Pamban Bridge was washed away by a severe cyclonic storm.

A ship is safe when she is moving at the onset of a cyclone. Imagine a ship waiting to pick up its pilot as it approaches the Palk Straits to enter Sethu Samudram. No captain will wait for the pilot; his safety lies in heading south, towards Sri Lanka [Images].

The wind and waves bring in a large amount of silt and wash it ashore. The same thing is going to happen to the Sethu Samudram Canal. This brings me to another point. Marine scientists have identified five areas on the Indian coastline they call high-sinkage pits, and one of them happens to be the Palk Straits.

What is left unsaid by the Sethu Samudram authorities is that maintaining the 12 metre depth (of the channel) will entail round the year dredging. Once you establish the channel, you have to maintain it.

You mean other than the capital expenditure, there will be maintenance expenditure too. Will that be expensive?

Naturally. But this cost is not mentioned anywhere. This is the hidden cost which the authorities will have to pay to the dredging company. It is a high siltation and sedimentation area. So, what you pick up today is going to get filled up the next day.

What is the security threat you spoke about?

The Sea Tigers of the LTTE have control of that area off the Jaffna coast. What the Sea Tigers may do is difficult to say. Piracy exists even today.

Those who are against the project say the 12 metre depth of the Canal is not enough for big ships to pass through the canal. As a mariner, what is your opinion on this?

It is quite true. If you take global shipping trends today, to reduce operating cost, they go in for larger ships of the order of 60,000 deadweight tonnes and above. A 60,000 deadweight tonne carrier will need anything in excess of 17 metres of draft.

And as far as tankers go, the days of the super tanker are gone and you see only very large crude carriers of the type of 150,000 and 185,000 tonnes. It makes more sense to have such big tankers as in one voyage, you are bringing in more cargo and reduce your operating cost.

None of these big ships will ever be able to use the Sethu Samudram. So, the question is, for whom are you building the canal? 30,000 tonnes was alright when Sethu Samudram was conceived in the early fifties and the sixties.

That leaves you with only the coastal bulk carriers that carry coal from Kolkata, Paradeep and Visakhapatanam to Chennai or Tuticorin.

How much time and money are saved if the ships go through the Sethu Samudram Canal instead of going round Sri Lanka?

I plotted physically on a chart what we call 'passage planning' for a bulk carrier on passage as it happens today from Kolkata to Tuticorin; one of them circumnavigating Sri Lanka as is happening today and the other one going through the canal.

The voyage distance from Kolkata to Tuticorin around Sri Lanka works out to 1227 nautical miles. If you went through the canal, it is 1098 nm. So, you are saving just 120 odd nm.

The story doesn't end there. The majority of our bulk carriers go at a speed between 12 and 13 knots. That is the average speed at sea. I have checked with my friends who currently sail. They all said they do 12 knots. However, I worked in a bracket of 12-15 knots. So, if you are going around Sri Lanka at 12 knots at constant speed at sea, the time taken to reach outer anchorage at Tuticorin is 102 hours and 15 minutes.

When you go through Sethu Samudram, the point to be remembered is, you cannot proceed at the speed at which you are sailing at sea. The reason is the shallow water effect or what we call the 'Squat Effect'. So, the moment you enter Sethu Samudram, you have to reduce the sped by 50 per cent or more depending on the conditions prevailing at that particular time. So, I worked on a speed bracket of 6-8 knots. But many of my friends tell me 8 knots is too high for a 30,000 tonne bulk carrier. In all my calculations, I gave the benefit of doubt to the Sethu Samudram project.

The second aspect is, it is not an open seaway; it is like entering a port. A pilot boards the ship, who is a local mariner with greater knowledge of the marine environment. The same thing has to be done at Sethu Samudram also. I have given one hour delay for the ship to reduce speed for the pilot to climb aboard. You repeat the process at the other end too for him to disembark.

With this 6 knots speed and 2 hours pilotage delay, my time to Tuticorin via Sethu Samudram works out to 100 hours 30 minutes. If you went around Sri Lanka, it is 102 hours 15 minutes! So, your net savings in time by going through Sethu Samudram is 1 hour 45 minutes! Is it worth spending Rs 2,400 crore to save 1 hour 45 minutes?

You spoke of travel time. What about the cost?

The Sethu Samudram project from the media reports and the statement given by the finance minister will cost at Rs 2,400 crore, of which Rs 971 crore is through a special purpose vehicle. The debt portion has been pegged at Rs 1,465 crore. Assuming an interest burden of 10 per cent, the interest payment on Rs 1,465 crore is Rs 146 crore per annum. Twenty to 25 years is the time given for repayment.

Assuming 25 years for Rs 1,465 crore, capital repayment works out about 56 crore per annum. So, Rs 146 crore for interest burden and Rs 56 crore as repayment works out to roughly Rs 204 crore per annum which is what the authorities will have to repay to any financial institution. This is only to break-even. But the web site says it is a profitable industry and it is going to make 'mammoth profit'.

As the earning is going to come only from ships, I asked, how many ships are going to transit in a year through the canal? Ships that can use the canal will be coal carrying bulk carriers as long as the Tuticorin thermal power plant exists.

Having made the calculation, I feel they are rather optimistic in their figures. They have given a mean value of about 3,055 ships meant to use the canal in the year 2008 and by the year 2025, they expect it to go to in excess of 7,000 ships. Mind you, for 12 metres of depth! But I can't see more than 1,000 ships using the Sethu Samudram canal in a year.

If you take Rs 204 crore as annual repayment, and 1,000 ships use it, your per ship cost works out to Rs 22 lakhs pilotage charge to break even. There is an interesting comparison done by K S Ramakrishnan, former deputy chairman, Chennai Port Trust. He pegs around Rs 50 lakh as pilotage rate per ship if you have to make a profit.

Then I calculated the fuel consumed. These ships consume 1 metric tonne of fuel per hour, which costs Rs 24,000. For the Sethu Samudram canal, you have to add the pilotage cost too. In effect, if a ship goes through the canal, a shipping company loses Rs 19 lakh per voyage. It is more cost effective to circumnavigate Sri Lanka from the point of view of the shipping industry.

Therefore, neither are you saving time nor is it viable economically. These are the two aspects that need to be highlighted. So, there is absolutely no advantage to the ships and the shipping industry. So, what are we gaining by spending Rs 2,400 crore of tax payers' money? It is a white elephant in the making.

So, you must be against realignment which some political parties are talking about�

Any course, any realignment, is going to prove uneconomical to the shipping industry. If it is of no use to the shipping industry, why build it? You can bring about better economic progress to the southern districts of Tamil Nadu by building expressways. That is why I say the Sethu Samudram shipping canal project makes no nautical sense. That is the tragedy of the project.

Those who support the Sethu Samudram Canal compare it to the Suez Canal and the Panama Canal and say the Sethu Samudram is the Suez of the East.

In the case of the Suez and the Panama canals, ships save thousands of nautical miles in sailing distance and hundreds of hours in sailing time vis-�-vis the Sethu Samudram where a ship will probably save a few hundred miles and at the most twohours in sailing time. This is the difference.