Eikonal Blog


Windows annoyances

Setting the default dictionary in Word 2007

2010.10.26: From some reason Word decided that this specific document is written in Spanish (it is not) instead in the plain US English. Consequently it tagged many words as misspelled. One can go through the document and correct the dictionary chosen for each tagged word, or use our friend Google to find the solution. Two comments attached to the posting [1] were useful. In essence, while editing the problematic document, go to the “REVIEW” tab, choose the “SET LANGUAGE” button, and there set the “MARK THE SELECTED TEXT AS:” to the desired language. While you are there, you may want to uncheck the “DETECT LANGUAGE AUTOMATICALLY” check field.

What a drag. Half an hour of lost time.


Control of the default sound signals

Winsxs folder

Windows Installer Folder


The art of presentation

Filed under: business — sandokan65 @ 21:57
  • “The 10/20/30 Rule of PowerPoint” by Guy Kawasaki (2005.12.30) – http://blog.guykawasaki.com/2005/12/the_102030_rule.html
      The 10/20/30 Rule of PowerPoint: … a PowerPoint presentation should have ten slides, last no more than twenty minutes, and contain no font smaller than thirty points.

    • Ten slides. … a normal human being cannot comprehend more than ten concepts in a meeting … The ten topics that a venture capitalist cares about are:
      • 1. Problem
      • 2. Your solution
      • 3. Business model
      • 4. Underlying magic/technology
      • 5. Marketing and sales
      • 6. Competition
      • 7. Team
      • 8. Projections and milestones
      • 9. Status and timeline
      • 0. Summary and call to action
    • Twenty minutes.
    • Thirty-point font. … If “thirty points,” is too dogmatic, the I offer you an algorithm: find out the age of the oldest person in your audience and divide it by two. That’s your optimal font size.


Filed under: business — Tags: — sandokan65 @ 21:54
  • “Schmoozing 101: The Gift Of Gab” by Erin Pooley (Canadian Business Online; 2005.12.05) – http://www.canadianbusiness.com/managing/career/article.jsp?content=20060106_141640_5236While most of us won’t make it onto the Canadian Business Rich List, it doesn’t mean that hobnobbing with the fabulously wealthy is out of the question.
  • “Schmoozing 101” by Corey Hajim (2001.12.03) – http://media.www.harbus.org/media/storage/paper343/news/2001/12/03/AccessRecruitingGuide/Schmoozing.101-155809.shtml
  • “The Art of Schmoozing” by Guy Kawasaki (2006.02.01) – http://blog.guykawasaki.com/2006/02/the_art_of_schm.html

    • “It’s not what you know or who you know, but who knows you.” Susan RoAne.
    • The key is to establish a relationship before you need it. And this is why I’d like to provide the art of schmoozing.
    • 1. Understand the goal. … “Discovering what you can do for someone else.” …
    • 2. Get out.
    • 3. Ask good questions, then shut up. … get others to talk a lot. … good schmoozers are good listeners, not good talkers …
    • 4. Unveil your passions.
    • 5. Read voraciously. … read voraciously–and not just the EE Times, PC Magazine, and the Wall Street Journal. You need a broad base of knowledge so that you can access a vast array of information during conversations. …
    • 6. Follow up.
    • 7. Make it easy to get in touch.
    • 8. Give favors.
    • 9. Ask for the return of favors. Good schmoozers give favors. Good schmoozers also return favors. However, great schmoozers ask for the return of favors. …

Related here: Skills – https://eikonal.wordpress.com/2010/09/09/skils/

The Flake Equation

Filed under: fun — sandokan65 @ 21:27

The Flake's equation


Filed under: health, yoga — Tags: , , , , , , , , , , — sandokan65 @ 20:19

Yoga Nidra

Books and Magazines

Related local links: Fitness links – https://eikonal.wordpress.com/2010/02/10/fitness-links/

Magnetic sense


Surveillance, wiretapping, tracking, etc.

There are (at least) 4 types of big brothers:

  • Type I: (True Big Brother) Governments and their services. They track population in order to prevent, detect, undercut and punish political dissent, frequently under pretense of enforcing various laws. They have full latitude to amend existing or generate the new laws (DMCA, ACTA, …) in order to legislate-out undesirable behaviors. Due to instrumentation of governments by certain well organized holders of the money (industry: e.g. RIAA, MPAA, etc), they frequently act as a suppressors of behaviors, groups and individuals that these branches of industry consider undesirable.
  • Type II: (Small Big Brother) Commercial industry. There are two main motivations here: 1) suppression of threats to their current business model, and 2) acquisition of consumer data with intent to somehow monetarize collected information (e.g. by cross-pollination with other databases, targeted advertising, profiling the households, etc).
  • Type III: (Wannabe Big Brother) Non-legal entities that look for (mainly) monetary gain by use of users data. This include various criminal groups, unaligned individuals, etc.
  • Type IV: (Not-really Big Brother) family members, stalkers, etc

Surveillance by Type I Big Brothers


Surveillance by Type II Big Brothers

DNA registry for whole population



New fad/fraud

Filed under: martial arts — Tags: — sandokan65 @ 15:58

Couple of days ago I got the submission on this blog about something called “Thick Black Theory”. Searching web shows that this is a new fad in the line of “Art of War”. Allegedly the originator of the theory is some chinese politician from 19th century who propagated the idea that in order to succeed you have to be ruthless and cunning.

It is likely a fraud: see following review at Amazon: http://www.amazon.com/review/RQ7L19QQEA56J/ref=cm_cr_pr_viewpnt#RQ7L19QQEA56J. Also see following message at an discussion forum: http://forum.healingdao.com/general/message/18856%5C.

The WikiPedia page is also shady: http://en.wikipedia.org/wiki/Thick_Black_Theory.

Matt Furey’s article on TBT: http://www.mattfurey.com/thickfaceblackheart.html.

AJAX Security

Filed under: infosec — Tags: — sandokan65 @ 14:37



Filed under: life, paleontology — Tags: , — sandokan65 @ 13:23

Dinosaurs etc

Facebook monkeying again with user trust model

Filed under: FaceBook, information disclosure, opression, surveillance — Tags: , — sandokan65 @ 10:30

TechCrunch has an article on the one more underhanded switch that Facebook did to the user trust model: “Facebook Has Quietly Implemented A De-Facto Follow Feature” by MG Siegler (2010.09.20) – http://techcrunch.com/2010/09/20/facebook-not-now-follow/. It is as if the Facebook is run an manned by bunch of evil minds trying to find new ways how to screw users’ trust and shatter any remaining semblance/bit of privacy.
Following two paragraphs are capturing the essence of this new change:

    “You see, when someone requests to be your friend on Facebook, this automatically subscribes them to all of your public (“Everyone”) posts in their News Feed. Facebook doesn’t talk about this much, but it’s a very real feature, which we reported on in July of last year. You see these posts until this person rejects you (because obviously if they accept you as a friend, you’ll keep seeing them). So with this new Not Now button, and the removal of the simple rejection mechanism, Facebook has basically created a de-facto follow feature.

    With the Not Now button, Facebook took what was a one-step rejection and made it at least two steps — and that’s only if you want to truly block somebody (after you click the Not Now button, they ask “Don’t know XXXX XXXX?” and if you click that, it will block them from making any further friend requests). If you just want to deny a person’s request without blocking them, you have to go to the Requests page — the limbo area that Facebook sends the Not Now people to. This area isn’t particularly easy to find; it’s buried in the Friends -> Find Friends area. In other words, it’s now quite a few steps simply to reject a person’s friend request as you previously could.”


Martial arts sites



Brazilian Jiu-Jitsu and other forms of grappling

Filipino martial arts

Weapons defense




Related here: Martial Arts articles – https://eikonal.wordpress.com/2010/09/08/martial-arts-articles/ | Martial Arts magazines and other sources – https://eikonal.wordpress.com/2010/02/05/martial-arts-magazines-and-other-sources/ | Chuck Norris superman meme – https://eikonal.wordpress.com/2010/01/22/chuck-norris-superman-meme.


Nmap options, switches and uses

There are probably many places containing lists of useful nmap commands. I have found these two large lists quite useful:

Please use these sites directly, and this blog post only as a backup/blended copy.

Basic techniques

  • Scan a Single Target:
      nmap [target]
  • Scan Multiple Targets
      # nmap [target1, target2, etc]
  • Scan a List of Targets
      # nmap -iL [list.txt]
  • Scan a Range of Hosts
      # nmap [range of ip addresses]
  • Scan an Entire Subnet
      # nmap [ip address/cdir]
  • Scan Random Hosts
      # nmap -iR [number]
  • Excluding Targets from a Scan
      # nmap [targets] --exclude [targets]
  • Excluding Targets Using a List
      # nmap [targets] --excludefile [list.txt]
  • Perform an Aggressive Scan
      # nmap -A [target]
  • Scan an IPv6 Target
      # nmap -6 [target]

Discovery Options

  • Perform a Ping Only Scan
      # nmap -sP [target]
  • Don�t Ping
      # nmap -PN [target]
  • TCP SYN Ping
      # nmap -PS [target]
  • TCP ACK Ping
      # nmap -PA [target]
  • UDP Ping
      # nmap -PU [target]
  • SCTP INIT Ping
      # nmap -PY [target]
  • ICMP Echo Ping
      # nmap -PE [target]
  • ICMP Timestamp Ping
      # nmap -PP [target]
  • ICMP Address Mask Ping
      # nmap -PM [target]
  • IP Protocol Ping
      # nmap -PO [target]
  • ARP Ping
      # nmap -PR [target]
  • Traceroute
      # nmap --traceroute [target]
  • Force Reverse DNS Resolution
      # nmap -R [target]
  • Disable Reverse DNS Resolution
      # nmap -n [target]
  • Alternative DNS Lookup
      # nmap --system-dns [target]
  • Manually Specify DNS Server(s)
      # nmap --dns-servers [servers] [target]
  • Create a Host List
      # nmap -sL [targets

Advanced Scanning Functions

  • TCP SYN Scan
      # nmap -sS [target]
  • TCP Connect Scan
      # nmap -sT [target]
  • UDP Scan
      # nmap -sU [target]
  • TCP NULL Scan
      # nmap -sN [target]
  • TCP FIN Scan
      # nmap -sF [target]
  • Xmas Scan
      # nmap -sX [target]
  • TCP ACK Scan
      # nmap -sA [target]
  • Custom TCP Scan
      # nmap --scanflags [flags] [target]
  • IP Protocol Scan
      # nmap -sO [target]
  • Send Raw Ethernet Packets
      # nmap --send-eth [target]
  • Send IP Packets
      # nmap --send-ip [target]
  • TCP Connect scanning for localhost and network
      # nmap -v -sT localhost
      # nmap -v -sT
  • >nmap TCP SYN (half-open) scanning:
      # nmap -v -sS localhost
      # nmap -v -sS
  • nmap TCP FIN scanning:
      # nmap -v -sF localhost
      # nmap -v -sF
  • nmap TCP Xmas tree scanning:
      # nmap -v -sX localhost
      # nmap -v -sX

    Useful to see if firewall protecting against this kind of attack or not.

  • nmap TCP Null scanning:
      # nmap -v -sN localhost
      # nmap -v -sN

    Useful to see if firewall protecting against this kind attack or not.

  • nmap TCP Windows scanning:
      # nmap -v -sW localhost
      # nmap -v -sW
  • nmap TCP RPC scanning:
      # nmap -v -sR localhost
      # nmap -v -sR

    Useful to find out RPC (such as portmap) services.

  • nmap UDP scanning:
      # nmap -v -O localhost
      # nmap -v -O

    Useful to find out UDP ports.

  • nmap remote software version scanning:
      # nmap -v -sV localhost
      # nmap -v -sV

    You can also find out what software version opening the port.

Port Scanning Options

  • Perform a Fast Scan
      # nmap -F [target]
  • Scan Specific Ports
      # nmap -p [port(s)] [target]
  • Scan Ports by Name
      # nmap -p [port name(s)] [target]
  • Scan Ports by Protocol
      # nmap -sU -sT -p U:[ports],T:[ports] [target]
  • Scan All Ports
      # nmap -p "*" [target]
  • Scan Top Ports
      # nmap --top-ports [number] [target]
  • Perform a Sequential Port Scan
      # nmap -r [target]

Version Detection

  • Operating System Detection
      # nmap -O [target]
  • Submit TCP/IP Fingerprints
      # www.nmap.org/submit/
  • Attempt to Guess an Unknown OS
      # nmap -O --osscan-guess [target]
  • Service Version Detection
      # nmap -sV  [target]
  • Troubleshooting Version Scans
      # nmap -sV --version-trace [target]
  • Perform a RPC Scan
      # nmap -sR [target]

Timing Options

  • Timing Templates
      # nmap -T[0-5] [target]
  • Set the Packet TTL
      # nmap --ttl [time] [target]
  • Minimum # of Parallel Operations
      # nmap --min-parallelism [number] [target]
  • Maximum # of Parallel Operations
      # nmap --max-parallelism [number] [target]
  • Minimum Host Group Size
      # nmap --min-hostgroup [number] [targets
  • Maximum Host Group Size
      # nmap --max-hostgroup [number] [targets
  • Maximum RTT Timeout
      # nmap --initial-rtt-timeout [time] [target]
  • Initial RTT Timeout
      # nmap --max-rtt-timeout [TTL] [target]
  • Maximum Retries
      # nmap --max-retries [number] [target]
  • Host Timeout
      # nmap --host-timeout [time] [target]
  • Minimum Scan Delay
      # nmap --scan-delay [time] [target]
  • Maximum Scan Delay
      # nmap --max-scan-delay [time] [target]
  • Minimum Packet Rate
      # nmap --min-rate [number] [target]
  • Maximum Packet Rate
      # nmap --max-rate [number] [target]
  • Defeat Reset Rate Limits
      # nmap --defeat-rst-ratelimit [target]

Firewall Evasion Techniques

  • Fragment Packets
      # nmap -f [target]
  • Specify a Specific MTU
      # nmap --mtu [MTU] [target]
  • Use a Decoy
      # nmap -D RND:[number] [target]
  • Idle Zombie Scan
      # nmap -sI [zombie] [target]
  • Manually Specify a Source Port
      # nmap --source-port [port] [target]
  • Append Random Data
      # nmap --data-length [size] [target]
  • Randomize Target Scan Order
      # nmap --randomize-hosts [target]
  • Spoof MAC Address
      # nmap --spoof-mac [MAC|0|vendor] [target]
  • Send Bad Checksums
      # nmap --badsum [target]

Output Options

  • Save Output to a Text File
      # nmap -oN [scan.txt] [target]
  • Save Output to a XML File
      # nmap -oX [scan.xml] [target]
  • Grepable Output
      # nmap -oG [scan.txt] [targets
  • Output All Supported File Types
      # nmap -oA [path/filename] [target]
  • Periodically Display Statistics
      # nmap --stats-every [time] [target]
  • 133t Output
      # nmap -oS [scan.txt] [target]

Troubleshooting and Debugging

  • Getting Help
      # nmap -h
  • Display Nmap Version
      # nmap -V
  • Verbose Output
      # nmap -v [target]
  • Debugging
      # nmap -d [target]
  • Display Port State Reason
      # nmap --reason [target]
  • Only Display Open Ports
      # nmap --open [target]
  • Trace Packets
      # nmap --packet-trace [target]
  • Display Host Networking
      # nmap --iflist
  • Specify a Network Interface
      # nmap -e [interface] [target]

Nmap Scripting Engine

  • Execute Individual Scripts
      # nmap --script [script.nse] [target]
  • Execute Multiple Scripts
      # nmap --script [expression] [target]
  • Script Categories
      # all, auth, default, discovery, external, intrusive, malware, safe, vuln
  • Execute Scripts by Category
      # nmap --script [category] [target]
  • Execute Multiple Script Categories
      # nmap --script [category1,category2,etc
  • Troubleshoot Scripts
      # nmap --script [script] --script-trace [target]
  • Update the Script Database
      # nmap --script-updatedb


  • Comparison Using Ndiff
      # ndiff [scan1.xml] [scan2.xml
  • Ndiff Verbose Mode
      # ndiff -v [scan1.xml] [scan2.xml
  • XML Output Mode
      # ndiff --xml [scan1.xml] [scan2.xml

See also: https://eikonal.wordpress.com/2010/01/29/vulnerability-assessment-tools/ at this blog.


LiveCD distributions for information security

  • a list of Security Live CDs at Knoppix.net – http://www.knoppix.net/wiki/Security_Live_CD
  • BackTrack – Penetration Testing Distribution- http://www.backtrack-linux.org/ | http://en.wikipedia.org/wiki/BackTrack
  • DVWA (Damn Vulnerable Web App) – http://www.dvwa.co.uk/
      Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
  • NST (Network Security Toolkit) – http://networksecuritytoolkit.org/nst/index.html – a bootable ISO live CD/DVD (NST Live) based on Fedora Linux.
  • OWASP Live CD – http://appseclive.org/ | http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project:

      Welcome to AppSecLive.org! We are an online community focused on, you guessed it, web application security. We welcome all folks from all arenas to join us in discussing everything from tools to techniques relating to the security of the web. AppSecLive.org is also the new home of the OWASP Live CD, which is maintained by Matt Tesauro. This is where you will find support for the OWASP Live CD.
  • Samurai Web Testing Framework – http://samurai.inguardians.com/
      The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.
      Starting with reconnaissance, we have included tools such as the Fierce domain scanner and Maltego. For mapping, we have included tools such WebScarab and ratproxy. We then chose tools for discovery. These would include w3af and burp. For exploitation, the final stage, we included BeEF, AJAXShell and much more. This CD also includes a pre-configured wiki, set up to be the central information store during your pen-test.


Feynman derivation of Maxwell equations

  • “On Feynman’s Approach to the Foundations of Gauge Theory” by M. C. Land, N. M. Shnerb and L. P. Horwitz; 2 Aug 1993. – 36 p. – http://cdsweb.cern.ch/record/568394/:
      Abstract: In 1948, Feynman showed Dyson how the Lorentz force and Maxwell equations could be derived from commutation relations coordinates and velocities. Several authors noted that the derived equations are not Lorentz covariant and so are not the standard Maxwell theory. In particular, Hojman and Shepley proved that the existence of commutation relations is a strong assumption, sufficient to determine the corresponding action, which for Feynman’s derivation is of Newtonian form. Tanimura generalized Feynman’s derivation to a Lorentz covariant form, however, this derivation does not lead to the standard Maxwell theory either. Tanimura’s force equation depends on a fifth ({\it scalar}) electromagnetic potential, and the invariant evolution parameter cannot be consistently identified with the proper time of the particle motion. Moreover, the derivation cannot be made reparameterization invariant; the scalar potential causes violations of the mass-shell constraint which this invariance should guarantee. In this paper, we examine Tanimura’s derivation in the framework of the proper time method in relativistic mechanics, and use the technique of Hojman and Shepley to study the unconstrained commutation relations. We show that Tanimura’s result then corresponds to the five-dimensional electromagnetic theory previously derived from a Stueckelberg-type quantum theory in which one gauges the invariant parameter in the proper time method. This theory provides the final step in Feynman’s program of deriving the Maxwell theory from commutation relations; the Maxwell theory emerges as the “correlation limit” of a more general gauge theory, in which it is properly contained.



Filed under: anarchism — Tags: — sandokan65 @ 15:03

Bertrand Russell

Filed under: atheism, critical thinking — Tags: , — sandokan65 @ 14:57


Windows tools


System information tools / Gathering system information


RAM tools

Hard disk size usage

Hard disk defragmentation

Partitioning hard disks

Currently running processes

Port mappers / Currently open ports

  • FPort by Foundstone@McAfee – http://www.foundstone.com/us/resources/proddesc/fport.htm; [FREEWARE]
  • CurrPorts – http://www.snapfiles.com/get/cports.html [FREEWARE] – it allows viewing a list of ports that are currently in use, and the applications using them. You can close a selected connection and also terminate the process using it, and export all or selected items to a HTML or text report. Additional information includes the local port name, local/remote IP address, highlighted status changes and more. Other features include logging of changes, custom filters and more.
  • Opened Ports Viewer by Gaijin – http://www.gaijin.at/en/dlopview.php… displays a list with all opened ports on a machine, including the associated process (similar the console command “netstat”). The port list can be sorted and filtered. An export function enables youto save the list as HTML, CSV or plain text file. Opened Ports Viewer can be used in multi-user environments and on USB sticks.

Control of startup programs

System maintenance and Patching


Registry cleaning and maintenance


Undeleting/recovering files


Recovering product keys


  • Oops!Backup by Altaro – http://www.altaro.com/timemachine/index.php [COMMERCIAL]
  • Misc


    Spam protection

    Here: Security tools –https://eikonal.wordpress.com/2010/07/28/security-tools/ | Portable tools – https://eikonal.wordpress.com/2010/01/08/portable-applications/.



    • “Gossip or “Viruses in the Body Politic” by Rod Graham (2010.08.07) – http://grahamsoc.wordpress.com/2010/08/07/gossip-or-viruses-in-the-body-politic/
    • “The effect of gossip on social networks” by Allison K. Shaw, Milena Tsvetkova and Roozbeh Daneshvar (Complexity; 2010.08.17; DOI: 10.1002/cplx.20334) – http://onlinelibrary.wiley.com/doi/10.1002/cplx.20334/abstract
        Abstract: In this article, we develop a simple model for the effect of gossip spread on social network structure. We define gossip as information passed between two individuals A and B about a third individual C which affects the strengths of all three relationships: it strengthens A-B and weakens both B-C and A-C. We find, in both an analytic derivation and model simulations, that if gossip does not spread beyond simple triads, it destroys them but if gossip propagates through large dense clusters, it strengthens them. Additionally, our simulations show that the effect of gossip on network metrics (clustering coefficient, average-path-length, and sum-of-strengths) varies with network structure and average-node-degree.


    Religious opression

    Filed under: religion, superstitions — Tags: , , , , — sandokan65 @ 12:39
    • “Religion Does Its Worst” by Roger Cohen (New York Times; 2011.04.04) – http://www.nytimes.com/2011/04/05/opinion/05iht-edcohen05.html
        “So Terry Jones, the Florida pastor who organized a Koran burning on March 20, wanted “to stir the pot.” Mission accomplished. Perhaps he’d care to explain himself to the family of Joakim Dungel, a 33-year-old Swede slaughtered at the U.N. mission in Mazar-i-Sharif by Afghans whipped into frenzy through Jones’s folly.

        On reflection, no, there’s nothing Jones can explain to Dungel’s family, or the other U.N. staffers murdered. Jones is not in the explanation business. He’s a zealot. How else to describe a Christian who interprets his faith not as grounded in love and compassion but as a mission to incite hatred toward Islam? “

    • “Free Exercise of Religion? No, Thanks.” by Christopher Hitchens (Slate; 2010.09.06) – http://www.slate.com/id/2266154/…The taming and domestication of religious faith is one of the unceasing chores of civilization…

    Appropriation of older cultural elements

    Related: Millennialism and other religious catastrophisms – https://eikonal.wordpress.com/2011/05/22/millennialism-and-other-religions-catastrophisms/

    Older Posts »

    Blog at WordPress.com.