Posts
Hello world!
-
Welcome to WordPress.com. This is your first post. Edit or delete it and
start blogging!
15 years ago
Saturday, July 12, 2008
Wednesday, July 9, 2008
The normal eye
The normal eye :
- Anterior length 24 mm
-Volume 6.5cc
-Weight 7 gm
- IOP 7-21 mm of Hg
- Circumference 75 mm
- Blinking rate 18 times/minute
-Visual acuity distance 6/6, near N5
- At birth refractive error +2 -- +3 DS
- Total power of the eye
- Dioptic power of the cornea +43 DS
- Diameter 11- 12 mm
- Pupil size 2.5 – 3.0 mm
- Anterior length 24 mm
-Volume 6.5cc
-Weight 7 gm
- IOP 7-21 mm of Hg
- Circumference 75 mm
- Blinking rate 18 times/minute
-Visual acuity distance 6/6, near N5
- At birth refractive error +2 -- +3 DS
- Total power of the eye
- Dioptic power of the cornea +43 DS
- Diameter 11- 12 mm
- Pupil size 2.5 – 3.0 mm
Common abbreviation used in ophthalmology and optometry--01
Vision and refraction :
NPA—Near Point of Accommodation
NPC—Near Point of Convergence
D--Diopter
AL--Axial Length
LVA --Low Vision Aid
Sph--Spherical
Cyl--Cylindrical
AR--Anti-Reflecting
PAL—Progressive Addition Lens
IPD—Inter Pupillary Distance
FR—Far Point
VR—Vertex Distance
RE—Refractive Error
VA—Visual Acuity
BSB—Binocular Single Vision
PL—Perception of Light
PR—Projection of Rays
CF—Counting Finger
NPL—No Perception of Light
HM—Hand Movement
OD—Oculus Dexter ( right eye)
OS—Oculus Sinister ( left eye)
OU—Oculi Uterique ( both eye)
cc—cum correctore ( with correctors)
sc—sine correctore ( without correctors)
VR—Vertex Distance
SHA—Simple Hyperopic Astigmatism
CHA—Compound Hyperopic Astigmatism
Mix-A—Mixed Astigmatism
S—Sphere
C—Cylinder
X—Axis
VEP—Visual Evoked Potential
WD—Working Distance
CSF—Contrast sensitivity Function
SMA—Simple Myopic Astigmatism
CMA—Compound Myopic Astigmatism
PH—Pin Hole
P—Pupil
Tuesday, July 8, 2008
Work toghether
we, all the people fo world we can live together. we can earn together. we should help the poor people. we have to work for his/her who has no any property to live. really we are created by the creator for helping mankind. so, work for mankind.
Monday, July 7, 2008
Cyberterrorism by Anonraider
In light of the recent focus the United States has placed on security, consider these scenarios * At an international airport, a terrorist uses a modem in his notebook to hack in the wireless LAN of an airlines curbside check-in Service, providing clearance for himself and 10 other conspirators to board flight to the united states under assumed names * A group of servers uses the internet to launch attacks against the computers of dozens of broadcasting companies, exploiting a newly discovered vulnerbilityto gain entrance. The attack scrambles the incoming satellite feed and shuts down the stations' transmissions. Televesion viewers across the country find their services discrupted * A terrorist hacks into the computer networks of hospitals around the country, exploiting security holes to gain access. Once inside these computer systems, the terrorist alters the medical directives for the patients, instructing the systems, which automatically dispense medications, to feed deadly drug combinations into these patients veins. * Hundredes of thousands of servers around the world send a coodinated flood of data packets over the internet to the main routers that handle traffic. This data overload temporarily cripples much of the internet's data flow, including email and voice transmissions. Dozens of telephone networks, which have begun routing some of their calls over the internet, experience connection failures. Only a few years ago, these possible events would only have been scenes from a movie. Today, security experts warn that the possibility exists. Following 09/11 the FBI's NIPC ( national infrastructure protection center ) and the SANS ( system Administration, networking and security ) institute a colation of 156,000 security and technical professionals, released the top 20 security vulnerbilities that crackers could use to damage both the internet and companies it connects. The list is available at http://www.sans.org/top20.htm. Along with the list came a sobering message: THE INTERNET IS AT RISK. "the internet is simply not ready because of these vulnerbilities. We're not ready to withstand a major Attack" , states ALLAN PALLER, the SANS institute director, at at press briefing helf for the release of the FBI/SANS top 20.
How to become a master hacker
This is a paper will be broken into two parts, one showing 15 easy steps
to becoming a uebercracker and the next part showing how to become a
ueberadmin and how to stop a uebercracker. A uebercracker is a term phrased
by Dan Farmer to refer to some elite (cr/h)acker that is practically
impossible to keep out of the networks.
Here's the steps to becoming a uebercracker.
Step 1. Relax and remain calm. Remember YOU are a Uebercracker.
Step 2. If you know a little Unix, you are way ahead of the crowd and skip
past step 3.
Step 3. You may want to buy Unix manual or book to let you know what
ls,cd,cat does.
Step 4. Read Usenet for the following groups: alt.irc, alt.security,
comp.security.unix. Subscribe to Phrack@well.sf.ca.us to get a background
in uebercracker culture.
Step 5. Ask on alt.irc how to get and compile the latest IRC client and
connect to IRC.
Step 6. Once on IRC, join the #hack channel. (Whew, you are half-way
there!)
Step 7. Now, sit on #hack and send messages to everyone in the channel
saying "Hi, Whats up?". Be obnoxious to anyone else that joins and asks
questions like "Why cant I join #warez?"
Step 8. (Important Step) Send private messages to everyone asking for new
bugs or holes. Here's a good pointer, look around your system for binary
programs suid root (look in Unix manual from step 3 if confused). After
finding a suid root binary, (ie. su, chfn, syslog), tell people you have a
new bug in that program and you wrote a script for it. If they ask how it
works, tell them they are "layme". Remember, YOU are a UeberCracker. Ask
them to trade for their get-root scripts.
Step 9. Make them send you some scripts before you send some garbage file
(ie. a big core file). Tell them it is encrypted or it was messed up and
you need to upload your script again.
Step 10. Spend a week grabbing all the scripts you can. (Dont forget to be
obnoxious on #hack otherwise people will look down on you and not give you
anything.)
Step 11. Hopefully you will now have atleast one or two scripts that get
you root on most Unixes. Grab root on your local machines, read your
admin's mail, or even other user's mail, even rm log files and whatever
temps you. (look in Unix manual from step 3 if confused).
Step 12. A good test for true uebercrackerness is to be able to fake mail.
Ask other uebercrackers how to fake mail (because they have had to pass the
same test). Email your admin how "layme" he is and how you got root and how
you erased his files, and have it appear coming from satan@evil.com.
Step 13. Now, to pass into supreme eliteness of uebercrackerness, you brag
about your exploits on #hack to everyone. (Make up stuff, Remember, YOU are
a uebercracker.)
Step 14. Wait a few months and have all your notes, etc ready in your room
for when the FBI, Secret Service, and other law enforcement agencies
confinscate your equipment. Call eff.org to complain how you were innocent
and how you accidently gotten someone else's account and only looked
because you were curious. (Whatever else that may help, throw at them.)
Step 15. Now for the true final supreme eliteness of all uebercrackers, you
go back to #hack and brag about how you were busted. YOU are finally a
true Uebercracker.
Now the next part of the paper is top secret. Please only pass to trusted
administrators and friends and even some trusted mailing lists, Usenet
groups, etc. (Make sure no one who is NOT in the inner circle of security
gets this.)
This is broken down on How to Become an UeberAdmin (otherwise know as a
security expert) and How to stop Uebercrackers.
Step 1. Read Unix manual ( a good idea for admins ).
Step 2. Very Important. chmod 700 rdist; chmod 644 /etc/utmp. Install
sendmail 8.6.4. You have probably stopped 60 percent of all Uebercrackers
now. Rdist scripts is among the favorites for getting root by
uebercrackers.
Step 3. Okay, maybe you want to actually secure your machine from the
elite Uebercrackers who can break into any site on Internet.
Step 4. Set up your firewall to block rpc/nfs/ip-forwarding/src routing
packets. (This only applies to advanced admins who have control of the
router, but this will stop 90% of all uebercrackers from attempting your
site.)
Step 5. Apply all CERT and vendor patches to all of your machines. You have
just now killed 95% of all uebercrackers.
Step 6. Run a good password cracker to find open accounts and close them.
Run tripwire after making sure your binaries are untouched. Run tcp_wrapper
to find if a uebercracker is knocking on your machines. Run ISS to make
sure that all your machines are reasonably secure as far as remote
configuration (ie. your NFS exports and anon FTP site.)
Step 7. If you have done all of the following, you will have stopped 99%
of all uebercrackers. Congrads! (Remember, You are the admin.)
Step 8. Now there is one percent of uebercrackers that have gained
knowledge from reading some security expert's mail (probably gained access
to his mail via NFS exports or the guest account. You know how it is, like
the mechanic that always has a broken car, or the plumber that has the
broken sink, the security expert usually has an open machine.)
Step 9. Here is the hard part is to try to convince these security experts
that they are not so above the average citizen and that by now giving out
their unknown (except for the uebercrackers) security bugs, it would be a
service to Internet. They do not have to post it on Usenet, but share
among many other trusted people and hopefully fixes will come about and
new pressure will be applied to vendors to come out with patches.
Step 10. If you have gained the confidence of enough security experts,
you will know be a looked upto as an elite security administrator that is
able to stop most uebercrackers. The final true test for being a ueberadmin
is to compile a IRC client, go onto #hack and log all the bragging and
help catch the uebercrackers. If a uebercracker does get into your system,
and he has used a new method you have never seen, you can probably tell
your other security admins and get half of the replies like - "That bug
been known for years, there just isn't any patches for it yet. Here's my
fix." and the other half of the replies will be like - "Wow. That is very
impressive. You have just moved up a big notch in my security circle."
VERY IMPORTANT HERE: If you see anyone in Usenet's security newsgroups
mention anything about that security hole, Flame him for discussing it
since it could bring down Internet and all Uebercrackers will now have it
and the million other reasons to keep everything secret about security.
Well, this paper has shown the finer details of security on Internet. It has
shown both sides of the coin. Three points I would like to make that would
probably clean up most of the security problems on Internet are as the
following:
1. Vendors need to make security a little higher than zero in priority.
If most vendors shipped their Unixes already secure with most known bugs
that have been floating around since the Internet Worm (6 years ago) fixed
and patched, then most uebercrackers would be stuck as new machines get
added to Internet. (I believe Uebercracker is german for "lame copy-cat
that can get root with 3 year old bugs.") An interesting note is that
if you probably check the mail alias for "security@vendor.com", you will
find it points to /dev/null. Maybe with enough mail, it will overfill
/dev/null. (Look in manual if confused.)
2. Security experts giving up the attitude that they are above the normal
Internet user and try to give out information that could lead to pressure
by other admins to vendors to come out with fixes and patches. Most
security experts probably don't realize how far their information has
already spread.
3. And probably one of the more important points is just following the
steps I have outlined for Stopping a Uebercracker.
to becoming a uebercracker and the next part showing how to become a
ueberadmin and how to stop a uebercracker. A uebercracker is a term phrased
by Dan Farmer to refer to some elite (cr/h)acker that is practically
impossible to keep out of the networks.
Here's the steps to becoming a uebercracker.
Step 1. Relax and remain calm. Remember YOU are a Uebercracker.
Step 2. If you know a little Unix, you are way ahead of the crowd and skip
past step 3.
Step 3. You may want to buy Unix manual or book to let you know what
ls,cd,cat does.
Step 4. Read Usenet for the following groups: alt.irc, alt.security,
comp.security.unix. Subscribe to Phrack@well.sf.ca.us to get a background
in uebercracker culture.
Step 5. Ask on alt.irc how to get and compile the latest IRC client and
connect to IRC.
Step 6. Once on IRC, join the #hack channel. (Whew, you are half-way
there!)
Step 7. Now, sit on #hack and send messages to everyone in the channel
saying "Hi, Whats up?". Be obnoxious to anyone else that joins and asks
questions like "Why cant I join #warez?"
Step 8. (Important Step) Send private messages to everyone asking for new
bugs or holes. Here's a good pointer, look around your system for binary
programs suid root (look in Unix manual from step 3 if confused). After
finding a suid root binary, (ie. su, chfn, syslog), tell people you have a
new bug in that program and you wrote a script for it. If they ask how it
works, tell them they are "layme". Remember, YOU are a UeberCracker. Ask
them to trade for their get-root scripts.
Step 9. Make them send you some scripts before you send some garbage file
(ie. a big core file). Tell them it is encrypted or it was messed up and
you need to upload your script again.
Step 10. Spend a week grabbing all the scripts you can. (Dont forget to be
obnoxious on #hack otherwise people will look down on you and not give you
anything.)
Step 11. Hopefully you will now have atleast one or two scripts that get
you root on most Unixes. Grab root on your local machines, read your
admin's mail, or even other user's mail, even rm log files and whatever
temps you. (look in Unix manual from step 3 if confused).
Step 12. A good test for true uebercrackerness is to be able to fake mail.
Ask other uebercrackers how to fake mail (because they have had to pass the
same test). Email your admin how "layme" he is and how you got root and how
you erased his files, and have it appear coming from satan@evil.com.
Step 13. Now, to pass into supreme eliteness of uebercrackerness, you brag
about your exploits on #hack to everyone. (Make up stuff, Remember, YOU are
a uebercracker.)
Step 14. Wait a few months and have all your notes, etc ready in your room
for when the FBI, Secret Service, and other law enforcement agencies
confinscate your equipment. Call eff.org to complain how you were innocent
and how you accidently gotten someone else's account and only looked
because you were curious. (Whatever else that may help, throw at them.)
Step 15. Now for the true final supreme eliteness of all uebercrackers, you
go back to #hack and brag about how you were busted. YOU are finally a
true Uebercracker.
Now the next part of the paper is top secret. Please only pass to trusted
administrators and friends and even some trusted mailing lists, Usenet
groups, etc. (Make sure no one who is NOT in the inner circle of security
gets this.)
This is broken down on How to Become an UeberAdmin (otherwise know as a
security expert) and How to stop Uebercrackers.
Step 1. Read Unix manual ( a good idea for admins ).
Step 2. Very Important. chmod 700 rdist; chmod 644 /etc/utmp. Install
sendmail 8.6.4. You have probably stopped 60 percent of all Uebercrackers
now. Rdist scripts is among the favorites for getting root by
uebercrackers.
Step 3. Okay, maybe you want to actually secure your machine from the
elite Uebercrackers who can break into any site on Internet.
Step 4. Set up your firewall to block rpc/nfs/ip-forwarding/src routing
packets. (This only applies to advanced admins who have control of the
router, but this will stop 90% of all uebercrackers from attempting your
site.)
Step 5. Apply all CERT and vendor patches to all of your machines. You have
just now killed 95% of all uebercrackers.
Step 6. Run a good password cracker to find open accounts and close them.
Run tripwire after making sure your binaries are untouched. Run tcp_wrapper
to find if a uebercracker is knocking on your machines. Run ISS to make
sure that all your machines are reasonably secure as far as remote
configuration (ie. your NFS exports and anon FTP site.)
Step 7. If you have done all of the following, you will have stopped 99%
of all uebercrackers. Congrads! (Remember, You are the admin.)
Step 8. Now there is one percent of uebercrackers that have gained
knowledge from reading some security expert's mail (probably gained access
to his mail via NFS exports or the guest account. You know how it is, like
the mechanic that always has a broken car, or the plumber that has the
broken sink, the security expert usually has an open machine.)
Step 9. Here is the hard part is to try to convince these security experts
that they are not so above the average citizen and that by now giving out
their unknown (except for the uebercrackers) security bugs, it would be a
service to Internet. They do not have to post it on Usenet, but share
among many other trusted people and hopefully fixes will come about and
new pressure will be applied to vendors to come out with patches.
Step 10. If you have gained the confidence of enough security experts,
you will know be a looked upto as an elite security administrator that is
able to stop most uebercrackers. The final true test for being a ueberadmin
is to compile a IRC client, go onto #hack and log all the bragging and
help catch the uebercrackers. If a uebercracker does get into your system,
and he has used a new method you have never seen, you can probably tell
your other security admins and get half of the replies like - "That bug
been known for years, there just isn't any patches for it yet. Here's my
fix." and the other half of the replies will be like - "Wow. That is very
impressive. You have just moved up a big notch in my security circle."
VERY IMPORTANT HERE: If you see anyone in Usenet's security newsgroups
mention anything about that security hole, Flame him for discussing it
since it could bring down Internet and all Uebercrackers will now have it
and the million other reasons to keep everything secret about security.
Well, this paper has shown the finer details of security on Internet. It has
shown both sides of the coin. Three points I would like to make that would
probably clean up most of the security problems on Internet are as the
following:
1. Vendors need to make security a little higher than zero in priority.
If most vendors shipped their Unixes already secure with most known bugs
that have been floating around since the Internet Worm (6 years ago) fixed
and patched, then most uebercrackers would be stuck as new machines get
added to Internet. (I believe Uebercracker is german for "lame copy-cat
that can get root with 3 year old bugs.") An interesting note is that
if you probably check the mail alias for "security@vendor.com", you will
find it points to /dev/null. Maybe with enough mail, it will overfill
/dev/null. (Look in manual if confused.)
2. Security experts giving up the attitude that they are above the normal
Internet user and try to give out information that could lead to pressure
by other admins to vendors to come out with fixes and patches. Most
security experts probably don't realize how far their information has
already spread.
3. And probably one of the more important points is just following the
steps I have outlined for Stopping a Uebercracker.
Subscribe to:
Posts (Atom)