IT Questions and Answers :)

Sunday, August 25, 2019

What is end-to-end delay?

What is end-to-end delay?

  • Packet travel time from source to destination
  • The wait time for a pay check
  • Time taken for ISP to bring a link up
  • The delay during a VoIP call 

EXPLANATION

End-to-end delay or one-way delay (OWD) refers to the time taken for a packet to be transmitted across a network from source to destination. It is a common term in IP network monitoring, and differs from round-trip time (RTT) in that only the path in one direction, from source to destination, is measured.

Measurement

The ping utility measures the RTT, that is, the time to go and come back to a host. Half the RTT is often used as an approximation of OWD but this assumes that the forward and back paths are the same in terms of congestion, number of hops, or quality of service (QoS). This is not always a good assumption. To avoid such problems, the OWD may be measured directly.
OWDs may be measured between two points A and B of an IP network through the use of synchronized clocks; A records a timestamp on the packet and sends it to B, which notes the receiving time and calculates the OWD as their difference. The transmitted packets need to be identified at source and destination in order to avoid packet loss or packet reordering. However, this method suffers several limitations, such as requiring intensive cooperation between both parties, and the accuracy of the measured delay is subject to the synchronization precision.
The Minimum-Pairs Protocol is an example by which several cooperating entities, A, B, and C, could measure OWDs between one of them and a fourth less cooperative one (e.g., between B and X).[1]

Delay components

End-to-end delay in networks comes from several sources, including transmission delay, propagation delay, processing delay and queuing delay.

This virus activated every Friday the 13th, affects both .EXE and .COM files and deletes any programs run on that day. What is the name of that virus?

This virus activated every Friday the 13th, affects both .EXE and .COM files and deletes any programs run on that day. What is the name of that virus?

  • I Love You
  • Solar Sunrise
  • Chernobyl
  • Jerusalem


EXPLANATION

On a day like today, we remember one of the viruses that has caused the most headaches for users: Friday the 13th.

The virus Jerusalem, also known as Friday the 13th, was created in Israel in 1988 to celebrate the 40th anniversary of the creation of the Jewish state.
To activate the virus, the calendar only had to hit Friday the 13th and all the programs and files that were being used would be infected and eliminated.
There wasn’t a specific method to spread the virus; it was done through normal systems like floppies, CD-ROM or attachments in emails.

How It Works

–  Infects files with extensions of COM, EXE or SYS; an infected file increases in size whenever it is executed
–  It reduces the memory available on the computer
–  Causes your computer system to slow down
–  Every Friday the 13th the virus is activated, and eliminates computer files that are used that day

 


Thursday, August 22, 2019

The following Linux command was run with an exit status of zero: " find /home/terry -name "*".txt -name "*".text " What is the command's output?

The following Linux command was run with an exit status of zero: " find /home/terry -name "*".txt -name "*".text " What is the command's output?

  • All file names that end in ".text"
  • Nothing
  • Two files literally named "*.txt" and "*.text"
  • All file names that end in ".txt" 

 

EXPLANATION

The expression   -name "*".txt   -name "*".text   is evaluated left to right for each name encountered as the directories are traversed.  Logical AND is the default when an operator is not specified between tests.  The asterisk is quoted, so it is not expanded by the shell when the ENTER key is pressed, but is used by "find" to match any value to the left of the period.  Each name is also evaluated for  "txt"  and  "text"  to the right of the period.  Since the single name being tested cannot end in both .txt and .text, no name can be matched by the expression, and there will be no output from "find".
# find /home/terry -name "*".txt   -name "*".text  ##Running as root
# echo $?      ## Show the exit status of the above "find"
0
Note that the command was successful (exit status 0), even though there were no matches. An exit status of 0 means that "find" was successful in walking the directory tree.  An exit status of 0 does not mean that the expression was matched.
Using the  " -or "  operator, this "find" command will output names ending in  .txt  or  .text
# find /home/terry -name "*".txt  -or    -name "*".text
/home/terry/.local/share/contacts/WARNING_README.txt
/home/terry/tg/test.text
/home/terry/.config/libreoffice/4-suse/user/uno_packages/cache/log.txt
/home/terry/.mozilla/firefox/v0h37x7l.default/revocations.txt
/home/terry/.mozilla/firefox/v0h37x7l.default/SiteSecurityServiceState.txt
# echo $?      ## Show the exit status of the above "find"
0
Note that if the user does not have permission to traverse the directory, the exit status will indicate failure, and there won't be any hits for matching names in the directories for which access is denied to a non-root user:
$ find /home/terry -name "*".txt -o -name "*".text  2>/dev/null  ##redirecting stderr to remove clutter
/home/terry/tg/test.text
$ echo $?      ## Show the exit status of the above "find"
1

"GNU find searches the directory tree rooted at each given starting-point by evaluating the given expression from left to right, according to the rules of precedence (see section OPERATORS), until the outcome is known....
Operators join together the other items within the expression. They include for example -o (meaning logical OR) and -a (meaning logical AND).  Where an operator is missing, -a is assumed....
find exits with status 0 if all files are processed successfully, greater than 0 if errors occur. This is deliberately a very broad description, but if the return value is non-zero, you should not rely on the correctness of the results of find."

See also:
https://pubs.opengroup.org/onlinepubs/009695399/utilities/find.html

"EXIT STATUS
The following exit values shall be returned:
0  All path operands were traversed successfully.
>0  An error occurred."
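
The operator and exit-status behaviour described above, as an added example that is not part of the original post. It goes one step beyond the quiz by also showing how precedence affects an explicit -print; the directory tree, file names and function names are constructed for the demonstration.

```shell
#!/bin/sh
# Added example; the directory tree below is constructed for the demo.
# '*.txt' is the same argument as the post's "*".txt after shell quote removal.

make_tree() {                 # prints the path of a throw-away test tree
    root=$(mktemp -d) || return 1
    mkdir -p "$root/docs"
    : > "$root/docs/notes.txt"; : > "$root/docs/draft.text"; : > "$root/docs/image.png"
    printf '%s\n' "$root"
}

count_matches() {             # usage: count_matches START find-expression...
    start=$1; shift
    find "$start" "$@" | wc -l | tr -d ' '
}

# Implicit -a: one name cannot end in both suffixes, so nothing is printed.
and_count()       { count_matches "$1" -name '*.txt' -name '*.text'; }
# Explicit -o with the default -print: both files are printed.
or_count()        { count_matches "$1" -name '*.txt' -o -name '*.text'; }
# -a binds tighter than -o, so an explicit action attaches to the last test only.
ungrouped_count() { count_matches "$1" -name '*.txt' -o -name '*.text' -print; }
# Parentheses make the action apply to either match.
grouped_count()   { count_matches "$1" \( -name '*.txt' -o -name '*.text' \) -print; }

# Empty output means "no matches" only when find also exited 0.
search_verdict() {            # prints: matches | none | incomplete
    rc=0
    out=$(find "$@" 2>/dev/null) || rc=$?
    if [ "$rc" -ne 0 ]; then echo incomplete
    elif [ -n "$out" ]; then echo matches
    else echo none
    fi
}

tree=$(make_tree) || exit 1
echo "implicit AND : $(and_count "$tree")"
echo "explicit OR  : $(or_count "$tree")"
echo "OR + -print  : $(ungrouped_count "$tree")"
echo "grouped OR   : $(grouped_count "$tree")"
echo "AND verdict  : $(search_verdict "$tree" -name '*.txt' -name '*.text')"
echo "bad start    : $(search_verdict "$tree" "$tree/missing" -name '*.txt')"
rm -rf "$tree"
```

A script that audits a tree with find (for example, looking for files that should not exist) should report "incomplete" rather than "clean" when the exit status is non-zero, since part of the tree was not examined.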

SOURCE

http://man7.org/linux/man-pages/man1/find.1.html

Wednesday, August 21, 2019

What feature in Windows alerts you when a program starts that could make changes requiring admin access?

What feature in Windows alerts you when a program starts that could make changes requiring admin access?

  • SECPOL
  • UAC
  • GPEDIT
  • MSC 

EXPLANATION

When Windows launched Vista in 2008, it brought a large list of improvements over previous versions. One of the largest selling points for Vista was the increased security that it offered, and one of the central aspects of this increased security is UAC. But exactly what is UAC? Windows Vista has the built-in ability to automatically reduce the potential of security breaches in the system. It does that by automatically enabling a feature called User Account Control (UAC). UAC forces users that are part of the local administrators group to run as if they were regular users with no administrative privileges.
Whenever a user that is a member of the local administrators group (or even a member of the Domain Admins group if the computer is part of an Active Directory domain) tries to perform a task that requires administrative privileges, the operating system halts the operation and prompts the user to acknowledge it prior to running the task.
Note the little shield icon next to some of the items in the above screenshot. These items, if clicked upon, will invoke the UAC prompt, and the following message is displayed:
In case the user is not a member of the local administrators group and he or she tries to perform a task that requires such privileges, they are prompted to enter the valid credentials of an administrator (similar to the Run As command in existing Windows XP/2003):
Although UAC clearly improves the security on Windows Vista, under some scenarios you might want to disable it, for example when giving demos in front of an audience (demos that are not security related, for example). Some home users might be tempted to disable UAC because of the additional mouse clicking it brings into their system; however, I urge them not to immediately do so, and to try to get used to it instead.


In the Windows registry, what does HKCU stand for?

In the Windows registry, what does HKCU stand for?

  • HKEY_COMMON_USER
  • HKEY_COMMAND_USER
  • HKEY_COMPUTER_USER
  • HKEY_CURRENT_USER 

EXPLANATION

How to Get to HKEY_CURRENT_USER

HKEY_CURRENT_USER is a registry hive, one of the easier types of things to find in Registry Editor:
  1. Open Registry Editor.
  2. Locate HKEY_CURRENT_USER in Registry Editor, from the pane on the left.
  3. Double-tap or double-click on HKEY_CURRENT_USER, or single click/tap the small arrow or plus icon on the left, if you want to expand it.
Newer versions of Windows use an arrow as that button to expand registry hives but others have a plus sign.

Don't See HKEY_CURRENT_USER?

HKEY_CURRENT_USER may be hard to find if Registry Editor has been used on your computer before, since the program takes you directly to the last place you were. Since all computers with Windows Registry have this hive, you aren't actually missing HKEY_CURRENT_USER if you can't see it, but you might need to hide a few things in order to find it.
Here's what to do: From the left-hand side of Registry Editor, scroll to the very top until you see Computer and HKEY_CLASSES_ROOT. Select the arrow or plus sign to the left of the HKEY_CLASSES_ROOT folder to minimize/collapse that entire hive. The one just below it is HKEY_CURRENT_USER.

Registry Subkeys in HKEY_CURRENT_USER

Here are some common registry keys you might find under the HKEY_CURRENT_USER hive:
  • HKEY_CURRENT_USER\AppEvents
  • HKEY_CURRENT_USER\Console
  • HKEY_CURRENT_USER\Control Panel
  • HKEY_CURRENT_USER\Environment
  • HKEY_CURRENT_USER\EUDC
  • HKEY_CURRENT_USER\Identities
  • HKEY_CURRENT_USER\Keyboard Layout
  • HKEY_CURRENT_USER\Network
  • HKEY_CURRENT_USER\Printers
  • HKEY_CURRENT_USER\Software
  • HKEY_CURRENT_USER\System
  • HKEY_CURRENT_USER\Volatile Environment
The registry keys located under the HKEY_CURRENT_USER hive on your computer may differ from the list above. The version of Windows you're running, and the software you have installed, both determine what keys may be present.
Since the HKEY_CURRENT_USER hive is user specific, the keys and values contained in it will differ from user to user even on the same computer. This is unlike most other registry hives which are global, like HKEY_CLASSES_ROOT, which retain the same information across all users in Windows.

HKCU Examples

Following is some information on just a few sample keys found under the HKEY_CURRENT_USER hive:

HKEY_CURRENT_USER\AppEvents\EventLabels

This is where labels, sounds, and descriptions are found for various functions in Windows and third-party apps, like fax beeps, completed iTunes tasks, low battery alarm, mail beeps, and more.

HKEY_CURRENT_USER\Control Panel

Under \Control Panel\Keyboard is where a few keyboard settings are found, like the keyboard delay and keyboard speed options, both of which are controlled via the Repeat delay and Repeat rate settings in the Keyboard Control Panel applet.
The Mouse applet is another one whose settings are stored in the HKEY_CURRENT_USER\Control Panel\Mouse key. Some options there include DoubleClickHeight, ExtendedSounds, MouseSensitivity, MouseSpeed, MouseTrails, and SwapMouseButtons.
Yet another Control Panel section is dedicated solely to the mouse cursor, found under Cursors. Stored here is the name and physical file location of default and custom cursors. Windows uses still and animated cursor files that have the CUR and ANI file extensions, respectively, so most of the cursor files found here point to files of those types in the %SystemRoot%\cursors\ folder.
The same is true for the HKCU Control Panel Desktop key that defines lots of Desktop-related settings in values like WallpaperStyle that describes whether to center the wallpaper or stretch it across the display. Others in this same location include CursorBlinkRate, ScreenSaveActive, ScreenSaveTimeOut, and MenuShowDelay.

HKEY_CURRENT_USER\Environment

The Environment key is where environment variables like PATH and TEMP are found. Changes can be made here or through Windows Explorer, and they'll be reflected in both places.

HKEY_CURRENT_USER\Software

Lots of user-specific software entries are listed in this registry key. One example is the location of the Firefox web browser program. This subkey is where the PathToExe value is found that explains where firefox.exe is located within the installation folder:
HKEY_CURRENT_USER\Software\Mozilla\Mozilla Firefox\57.0 (x64 en-US)\Main

More on HKEY_CURRENT_USER

The HKEY_CURRENT_USER hive is actually just a pointer to the key located under the HKEY_USERS hive that's named the same as your security identifier. You can make changes in either location since they are one and the same.
The reason HKEY_CURRENT_USER even exists, given that it's just a reference point to another hive, is that it provides an easier way to view the information. The alternative is to find the security identifier of your account and navigate to that area of HKEY_USERS.
Again, everything seen in HKEY_CURRENT_USER pertains only to the user that's currently logged on, not any of the other users that exist on the computer. This means that each user that logs in will pull their own information from the corresponding HKEY_USERS hive, which in turn means HKEY_CURRENT_USER will be different for each user that views it.
Because of how this is set up, you could actually just navigate to a different user's security identifier in HKEY_USERS to see everything they would see in HKEY_CURRENT_USER when they're logged in.

 
