TUM HO TOH

TUM HO TOH

GAATA HAI DIL

TUM NAHIN
TOH GEET KAHAN

TUM HO TOH HAI SAB HAASIL

TUM NAHIN TO KYA HAI YAHAAN

TUM HO TOH HAIN SAPNO KA JAISA HASSEEN EK SAMAAAA

JO TUM HO TOH YEH LAGTA HAI KE MIL GAYI HAR KHUSI

JO TUM NA HO YEH LAGTA HAI KE HAR KHUSHI MEIN HAI KAMMEE

TUMKO HAI MAANGTI


YEH ZINDAGI,

TUM HO TOH

RAAHENH BHI HAIN

TUM NAHIN

TOH RAASTEY KAHAAN

TUM HO TOH HAI HAR EK PAL MEHERBAAN YEH JAHAAN

JO TUM HO TOH HAAWA MEIN BHI

MOHOBATTON KA RANG HAI

JO TUM NA HO
TOH PHIR KOI NA JOSH NA KOI UMANG HAI

TUM MILE TOH MILLEEEE

YEH ZINDAGI

A TCP SPOOFING ATTACK

Over the past few years TCP number prediction attacks have become a real threat against unprotected networks, taking advantage of the inherent trust relationships present in many network installations. TCP sequence number prediction attacks have most commonly been implemented by opening a series of connections to the target host, and attempting to predict the sequence number which will be used next. Many Operating systems have
therefore attempted to solve this problem by implementing a method of generating sequence numbers in unpredictable fashions. This method does not solve the problem.

This advisory introduces an alternative method of obtaining the initial sequence number from some common trusted services. The attack presented here does not require the attacker to open multiple connections, or flood a port on the trusted host to complete the attack. The only requirement is that
source routed packets can be injected into the target network with fake source addresses.

This advisory assumes that the reader already has an understanding of how TCP sequence number prediction attacks are implemented.

The impact of this advisory is greatly diminished due to the large number of organizations which block source routed packets and packets with addresses inside of their networks. Therefore we present the information as more of a ‘heads up’ message for the technically inclined, and to re-iterate that
the randomization of TCP sequence numbers is not an effective solution
against this attack.

Technical Details
~~~~~~~~~~~~~~~~~

The problem occurs when particular network daemons accept connections with source routing enabled, and proceed to disable any source routing options on the connection. The connection is allowed to continue, however the reverse route is no longer used. An example attack can launched against the in.rshd daemon, which on most systems will retrieve the socket options
via getsockopt() and then turn off any dangerous options via setsockopt().

An example attack follows.

Host A is the trusted host
Host B is the target host
Host C is the attacker

Host C initiates a source routed connection to in.rshd on host B, pretending
to be host A.

Host C spoofing Host A –> Host B in.rshd

Host B receives the initial SYN packet, creates a new PCB (protocol control block) and associates the route with the PCB. Host B responds, using the reverse route, sending back a SYN/ACK with the sequence number.

Host C spoofing Host A <– Host B in.rshd

Host C responds, still spoofing host A, acknowledging the sequence number. Source routing options are not required on this packet.

Host C spoofing Host A –> Host B in.rshd

We now have an established connection, the accept() call completes, and control is now passed to the in.rshd daemon. The daemon now does IP options checking and determines that we have initiated a source routed connection. The daemon now turns off this option, and any packets sent
thereafter will be sent to the real host A, no longer using the reverse route which we have specified. Normally this would be safe, however the attacking host now knows what the next sequence number will be. Knowing this sequence number, we can now send a spoofed packet without the source
routing options enabled, pretending to originate from Host A, and our command will be executed.

In some conditions the flooding of a port on the real host A is required if larger ammounts of data are sent, to prevent the real host A from responding with an RST. This is not required in most cases when performing this attack against in.rshd due to the small ammount of data transmitted

It should be noted that the sequence number is obtained before accept() has returned and that this cannot be prevented without turning off source routing in the kernel.

As a side note, we’re very lucky that TCP only associates a source route with a PCB when the initial SYN is received. If it accepted and changed the ip options at any point during a connection, more exotic attacks may be possible. These could include hijacking connections across the internet without playing a man in the middle attack and being able to bypass IP options checking imposed by daemons using getsockopt(). Luckily *BSD based TCP/IP stacks will not do this, however it would be interesting to examine other implementations.

Impact
~~~~~~

The impact of this attack is similar to the more complex TCP sequence number prediction attack, yet it involves fewer steps, and does not require us to ‘guess’ the sequence number. This allows an attacker to execute arbitrary commands as root, depending on the configuration of the target
system. It is required that trust is present here, as an example, the use of .rhosts or hosts.equiv files.

Solutions
~~~~~~~~~

The ideal solution to this problem is to have any services which rely on IP based authentication drop the connection completely when initially detecting that source routed options are present. Network administrators and users can take precautions to prevent users outside of their network from taking advantage of this problem. The solutions are hopefully already either implemented or being implemented.

1. Block any source routed connections into your networks
2. Block any packets with internal based address from entering your network.

Network administrators should be aware that these attacks can easily be launched from behind filtering routers and firewalls. Internet service providers and corporations should ensure that internal users cannot launch the described attacks. The precautions suggested above should be implemented
to protect internal networks.

Example code to correctly process source routed packets is presented here as an example. Please let us know if there are any problems with it. This code has been tested on BSD based operating systems.

u_char optbuf[BUFSIZ/3];
int optsize = sizeof(optbuf), ipproto, i;
struct protoent *ip;

if ((ip = getprotobyname(”ip”)) != NULL)
ipproto = ip->p_proto;
else
ipproto = IPPROTO_IP;
if (!getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf, &optsize) &&
optsize != 0) {
for (i = 0; i < c =" optbuf[i];" c ="="" c ="="" c ="="" c ="="">

One critical concern is in the case where TCP wrappers are being used. If a user is relying on TCP wrappers, the above fix should be incorporated into fix_options.c. The problem being that TCP wrappers itself does not close the connection, however removes the options via setsockopt(). In this case when control is passed to in.rshd, it will never see any options present, and the connection will remain open (even if in.rshd has the above patch incorporated). An option to completely drop source routed connections will hopefully be provided in the next release of TCP wrappers. The other option
is to undefine KILL_IP_OPTIONS, which appears to be undefined by default. This passes through IP options and allows the called daemon to handle them accordingly.

Disabling Source Routing
~~~~~~~~~~~~~~~~~~~~~~~~

We believe the following information to be accurate, however it is not guaranteed.

— Cisco

To have the router discard any datagram containing an IP source route option issue the following command:

no ip source-route

This is a global configuration option.

— NetBSD

Versions of NetBSD prior to 1.2 did not provide the capability for disabling source routing. Other versions ship with source routing ENABLED by default. We do not know of a way to prevent NetBSD from accepting source routed packets.
NetBSD systems, however, can be configured to prevent the forwarding of packets when acting as a gateway.

To determine whether forwarding of source routed packets is enabled, issue the following command:

# sysctl net.inet.ip.forwarding
# sysctl net.inet.ip.forwsrcrt

The response will be either 0 or 1, 0 meaning off, and 1 meaning it is on.

Forwarding of source routed packets can be turned off via:

# sysctl -w net.inet.ip.forwsrcrt=0

Forwarding of all packets in general can turned off via:

# sysctl -w net.inet.ip.forwarding=0

— BSD/OS

BSDI has made a patch availible for rshd, rlogind, tcpd and nfsd. This patch is availible at:

ftp://ftp.bsdi.com/bsdi/patches/patches-2.1

OR via their patches email server

The patch number is
U210-037 (normal version)
D210-037 (domestic version for sites running kerberized version)

BSD/OS 2.1 has source routing disabled by default

Previous versions ship with source routing ENABLED by default. As far as we know, BSD/OS cannot be configured to drop source routed packets destined for itself, however can be configured to prevent the forwarding of such packets when acting as a gateway.

To determine whether forwarding of source routed packets is enabled, issue the following command:

# sysctl net.inet.ip.forwarding
# sysctl net.inet.ip.forwsrcrt

The response will be either 0 or 1, 0 meaning off, and 1 meaning it is on.

Forwarding of source routed packets can be turned off via:

# sysctl -w net.inet.ip.forwsrcrt=0

Forwarding of all packets in general can turned off via:

# sysctl -w net.inet.ip.forwarding=0

— OpenBSD

Ships with source routing turned off by default. To determine whether source routing is enabled, the following command can be issued:

# sysctl net.inet.ip.sourceroute

The response will be either 0 or 1, 0 meaning that source routing is off, and 1 meaning it is on. If source routing has been turned on, turn off via:

# sysctl -w net.inet.ip.sourceroute=0

This will prevent OpenBSD from forwarding and accepting any source routed packets.

— FreeBSD

Ships with source routing turned off by default. To determine whether source routing is enabled, the following command can be issued:

# sysctl net.inet.ip.sourceroute

The response will be either 0 or 1, 0 meaning that source routing is off, and 1 meaning it is on. If source routing has been turned on, turn off via:

# sysctl -w net.inet.ip.sourceroute=0

— Linux

Linux by default has source routing disabled in the kernel.

— Solaris 2.x

Ships with source routing enabled by default. Solaris 2.5.1 is one of the few commercial operating systems that does have unpredictable sequence numbers, which does not help in this attack.

We know of no method to prevent Solaris from accepting source routed connections, however, Solaris systems acting as gateways can be prevented from forwarding any source routed packets via the following commands:

# ndd -set /dev/ip ip_forward_src_routed 0

You can prevent forwarding of all packets via:

# ndd -set /dev/ip ip_forwarding 0

These commands can be added to /etc/rc2.d/S69inet to take effect at bootup.

— SunOS 4.x

We know of no method to prevent SunOS from accepting source routed connections, however a patch is availible to prevent SunOS systems from forwarding source routed packets.

This patch is availible at:

ftp://ftp.secnet.com/pub/patches/source-routing-patch.tar.gz

To configure SunOS to prevent forwarding of all packets, the following command can be issued:

# echo “ip_forwarding/w 0″ | adb -k -w /vmunix /dev/mem
# echo “ip_forwarding?w 0″ | adb -k -w /vmunix /dev/mem

The first command turns off packet forwarding in /dev/mem, the second in /vmunix.

— HP-UX

HP-UX does not appear to have options for configuring an HP-UX system to prevent accepting or forwarding of source routed packets. HP-UX has IP forwarding turned on by default and should be turned off if acting as a firewall. To determine whether IP forwarding is currently on, the following
command can be issued:

# adb /hp-ux
ipforwarding?X <- user input ipforwarding: ipforwarding: 1 #

A response of 1 indicates IP forwarding is ON, 0 indicates off. HP-UX can be configured to prevent the forwarding of any packets via the following commands:

# adb -w /hp-ux /dev/kmem
ipforwarding/W 0
ipforwarding?W 0
^D
#

— AIX

AIX cannot be configured to discard source routed packets destined for itself, however can be configured to prevent the forwarding of source routed packets. IP forwarding and forwarding of source routed packets specifically can be turned off under AIX via the following commands:

To turn off forwarding of all packets:

# /usr/sbin/no -o ipforwarding=0

To turn off forwarding of source routed packets:

# /usr/sbin/no -o nonlocsrcroute=0

Note that these commands should be added to /etc/rc.net

If shutting off source routing is not possible and you are still using services which rely on IP address authentication, they should be disabled immediately (in.rshd, in.rlogind). in.rlogind is safe if .rhosts and
/etc/hosts.equiv are not used.

KILL BILL

This post will teach you how you can kill another person with your own two

hands. The information presented here will be very helpful to the beginner and

will also serve as a refresher for those of you already familiar with the

subject.

I will start off by talking about basic things such as stance, what you should

and shouldn't do when fighting and other information that the beginner will

need to know. Then, I will give you a list of over 20 vulnerable points that

one should always try attacking in a fight along with the way these points

should be attacked. Finally, I will give you some more fighting tips and

information on how you can continue learning about hand-to-hand combat.

                                      ^*^

Now, let me discuss some of the basics you will need to know when you are in

any combat situation.

Stance

------

The best stance when confronting an enemy is to put your feet at shoulders

length apart and your arms should be facing forward, parallel to each other and

bent at the elbows. Keep your knees slightly bent and stand on the balls of

your feet.

Remember, you always want to maintain this stance when you are not striking at

the enemy.

Balance

-------

It is always important that you keep your balance. If you use the stance I have

described above, you will never have to worry about it. If by chance you do

lose your balance even for a second you can kiss your ass goodbye as the enemy

will probably kill you.

Aggressiveness

--------------

Always be aggressive and always attack. Don't just stand back and defend

yourself against the enemy's strikes as he will end up killing you eventually.

If you are not aggressive, the enemy will think you are scared and he will have

an advantage over you.

A great thing to do is yell at the enemy. This will scare the shit out of him

if you start yelling at him and plus it also allows you to get more oxygen in

your lungs so you will have more strength.

Natural Weapons

---------------

Your natural weapons are as follows: knife edge of either hand, the heel of

your hands, your fingers folded at the second knuckle, your boot, your elbow,

your knees, your teeth, your fore finger and second finger forming a "V" shape,

and your fist. These body parts alone are some of the most powerful weapons you

can use.

                                      ^*^

Since you now know the basics of fighting, let me list for you the best places

where you should strike your enemy.

Temple

------

A sharp blow to the temple ensures instant death since there is a large artery

and nerve located close to the skin surface. If you give a medium blow to the

temple it will cause severe pain and concussion but a hard blow will kill the

enemy instantly. The best way to strike the temple is with the knife edge of

your hand or if he is on the ground you can kick him with the toe of your boot.

Eyes

----

The eyes are a great place to strike if you can since a good strike in the eyes

will cause temporary or permanent blindness. To blind the enemy, make a "V"

shape with your fore finger and second finger and stick them into his eyes

while keeping your fingers stiff. Also, you can gouge the eyes with your thumb.

Nose

----

The nose is another excellent place to attack. Hit the bridge with the knife

edge of your hand and you will cause breakage, severe pain, temporary blindness

and even death. Or you can use the palm of your hand to strike upwards and push

the nose up into his brain. If done hard enough the nose bone will puncture his

brain and he will die.

Upper Lip

---------

The upper lip contains a lot of nerves close to the skin surface so if you

strike it with the knife edge of your hand it will cause great pain and if

delivered hard enough he will become unconscious.

Mouth

-----

If the enemy is on the ground, use the heel of your boot and strike him on the

mouth. Since there are a lot of veins and arteries in the teeth there will be a

lot of blood which will frighten the enemy and he will lose concentration on

defending other parts of his body.

Chin

----

The chin should only be struck with the palm of your hand as you can break your

fingers on the enemy's chin. Use the palm of your hand and strike the enemy

with a very strong upward blow. This will cause extreme discomfort.

Adam's Apple

------------

Usually the enemy will defend this part of his body well but if you do get the

chance give it a sharp hit with the knife edge of your hand. If you hit it hard

enough you will bust his windpipe and he will die. You can also squeeze the

Adam's Apple between your fingers.

Esophagus

---------

If you have a chance to get a hold of his neck, press your thumbs into his

esophagus (located below the Adam's Apple). Pushing hard will be very painful

and it will block the oxygen flow to his lungs and he will die quickly.

Neck

----

If you give a very strong blow to the base of the neck with the knife edge of

your hand you will usually break it. However, if it is not hard enough, the

enemy might just be knocked unconscious so be sure to hit him in the temple or

twist his neck around to be sure he is dead. The neck is the best place to hit

someone if you want to be quiet as it is quick and the enemy goes down without

a word.

Collar Bone

-----------

The collar bone is an extremely sensitive part of the body. A sharp blow to it

with the knife edge of your hand or your elbow gives the enemy excruciating

pain. Also, digging your finger into the collar bone can bring your enemy to

his knees.

Shoulder

--------

The shoulder is easy dislocated and it takes little strength to do. However, it

should be done quickly. Grab the enemy's arm and pull it behind his back and

then jerk it upwards quickly. You should here a popping sound which means you

have dislocated the enemy's shoulder. There are other methods of doing this but

this is the easiest.

Armpit

------

Although it is hard to get at, the armpit has a large network of nerves. If the

enemy is on the ground, hold up his arm and then kick him in his pit. This will

cause severe pain. However, it is not a very common place that will be struck

in a fight but is good to keep in mind anyways.

Rib Cage

--------

A strike to the rib cage with your fingers folded at the second knuckle is

rather painful and if done hard enough causes severe pain and breakage. Only

use your fingers folded at the second knuckle since that hurts the most.

Solar Plexus

------------

The solar plexus is located on the chest at the little "V" shaped point where

the rib cage ends. There are a large amount of nerves so a blow with the

knuckle of your second finger can cause severe pain and even unconsciousness.

Floating Ribs

-------------

The floating ribs are the lower ribs located at the front and sides of the

enemy's body. Use the knife edge of your hand or the heel or toe of your boot.

The blow will cause pain and will stun the enemy.

Spine

-----

A blow to the spine with the heel of your boot can paralyze or kill your enemy.

The lower spine between the enemy's kidneys is the best place to hit as that is

the least protected part of the spine. You will only be able to attack the

spine when your enemy is on the ground or if his back is turned to you.

Kidneys

-------

The kidneys have two large nerves that are close to the skin surface. If you

strike the kidneys hard it will cause death. You can use a fist or the knife

edge of your hand to hit the kidneys. Or a kick with the heel of your boot will

work too.

Groin

-----

The groin is a good place to strike if you get the chance. Generally, the enemy

will protect this area the most but if you have a chance, strike it with your

knee in an upward motion or with your fist. I'm sure you can imagine the pain

the enemy will get from it.

Tailbone

--------

The tailbone which is located above the anus is a very sensitive part of the

body as a lot of spinal nerves are located there. Use the toe of your boot to

strike the tailbone. The pain from that is unbelievably severe.

Elbow

-----

The elbow is easy to break or dislocate. Pull the enemy's arm behind him and

with the palm of your hand push his elbow inwards until it either cracks or

pops. When the enemy has a useless arm, you have a great advantage over him.

Fingers

-------

The fingers should be broken because the enemy becomes almost helpless with

broken fingers. Grab the enemy's arm with one hand and with the other hand push

the fingers upwards until they snap. It is only necessary to break the first

two fingers. It is also helpful in breaking a grip.

Knee

----

You can destroy the knee by kicking it with the side of your boot in an upward

motion. This will rip the ligaments and the cartilage. This will cause

unbelievable pain and make it impossible for the enemy to move around. Once a

knee has been ruined, you will have a great advantage over the enemy.

Ankle

-----

If the enemy is on the ground, get a hold of his ankle and twist it until it

snaps. This will make it almost impossible for him to walk and he will then be

easy to kill.

                                      ^*^

Let me talk about some more important things you should remember when you are

fighting somebody.

Tactics

-------

Always try to throw your enemy off balance. You can do this by charging the

enemy and pretending to strike him. This will make him flinch and lose his

balance.

Always look for a weak spot and attack it. Whenever he leaves a vulnerable part

of his body unprotected attack it with all your strength. By doing this, he

will then try to protect the part of his body that you just struck thus leaving

even more unprotected parts open.

Use any available object that you can. By this I mean throw sand in his eyes,

block his strikes by hitting him with a large branch, or any other kind of

available material that can be used as a weapon against him.

Foul Play

---------

In a life or death situation there is no such thing as foul play and there are

no rules either. Although hitting someone in the groin is considered a cheap

shot in high school, it is a very effective way of destroying your enemy. Just

hit him where you can and kick him when he's down. That way, he will never get

back up again.

                                      ^*^

I have now explained to you the basics of fighting and the best places to

attack your enemy on his body. Just because you have read this file doesn't

mean you will be able to go out and kick somebody's ass in. These methods take

a lot of practice in order to do them properly.

If you enjoyed this file and would like to practice these methods get a partner

who is also interested in this and work on each type of strike and kick. When

you first start out, go slowly and remember that these methods are deadly and

do not require much force to be effective so take it easy on your partner.

Some of you may decide that practicing is not enough and you would like to

learn more than what I have told you in the above. Well, there are several good

books with illustrations on this subject which go into much more detail than I

ever could in this file. The book I used mainly to write this file was "The

Marine Corps Field Manual on Physical Security". You can get this book through

a good book store or if you happen to know a marine, he can get you a copy very

easily.

There are also camps where you can go for 1-2 weeks to learn all sorts of

things like this such as firing weapons, detailed hand-to-hand combat, doing

raids on enemies and all sorts of other stuff like that. The instructors that

teach these programs are well trained and have had years of experience with

this. However, usually you have to be 18 years or older to get into these

programs and you have to be very serious about it as well. This is not one of

those programs where you can say "Time-out, I need to rest." They don't stop

just to suit you. To get more information about these programs, you can usually

find out about them in magazines like "Soldier of Fortune" and other magazines

with similar theme.

STORIES ABOUT A PARDON

Pardon is a two-way street: whenever we pardon someone, we are also pardoning ourselves. If we are tolerant towards others, it is easier to accept our own mistakes. From that moment on, free of guilt and bitterness, we manage to take a better attitude towards life.

Peter asked Christ: "Master, do I have to pardon my neighbor seven time?" And Christ answered: "Not just seven times but seventy times." Not being a saint, I often find it hard to pardon;it is difficult to accept certain injustices. But I manage to use my will power and control myself, then later on i understand that I always come out winning when I act in this way.

A PRAYER IN A CHURCH

I found the text in Russian and i asked my friend to interpret it . According to him, below the prayer was a note saying that it was part of the Ojibwa tradition. Since i do not know what tradition is referred to, I reproduce only the words written:

" I have sought to understand the voice of the wind and the breath that created me, so listen to me.
" I come to thee as one of Your many children. I am fallible and small ; I need Your wisdom and strength. Let me walk in Your beauty, and make my eyes always see the red and purple of dusk. Make my hands respect the things that You have created, and enable my ears to understand Your voice.
"Make me wise so that i can absorb what You have taught my people and learn the lessons that You hane hidden in each leaf and each rock.

" I beg You for strength and wisdom, not to be better than my brothers but so that I can defeat the worst enemy i have: myself. In that way my spirit will be able to return to You without sin."

THE WISE MAN

A Chinese wise man boarded a ship that was leaving the city to cross the Pacific Ocean. His presence was noted by the other passengers, who came to ask his advice on everything. He patiently listened to all, but always said the same thing:

"Be aware of death . That will make you live each day more intensely."

The passengers quickly grew tired of the wise man. In the middle of the journey a storm almost sank the ship; there were endless hours of despair - except for the Chinese passenger , who remained peaceful all the time . When the sea calmed down , someone asked him:


"I wonder whether you noticed that between life and death there was only a wooden shell protecting us?"

"Yes," was the answer. "And I wonder whether you noticed that in everyday life there is less than that protecting us?"

Siberian shamans

The shaman decided to leave his best disciple on the bank of a river that flows into Lake Baikal so that he can spend his life in meditation.

"But do take care not to get confused by the path itself, " he warned .

One night mice ate the disciple's loincloth.The young man found a cat to kill the mice, but he needed milk to feed the cat.

He began to beg. Since he spent no money, he saved up and bought a cow; in that way there would never be any lack of milk. To feed the cow he tilled the neighbor's field in exchange for a part of the land. After a lot of hard toil he managed to have an excellent harvest and also arranged a wife for himself. His wife had a knack of business and years later, when the shaman passed through the area, he found him changed into a prosperous businessman.


"What does all this mean?" he asked.

"You won't believe it," said the disciple, "but this was the only way to save my loincloth!"