Tag Archives: vishwacloud kb

New post Five Minutes with Steve Blythe

Five Minutes with Steve Blythe

by Krista

Every so often, we sit down with an Automattician to help you get to know the people who work behind the scenes to build new features, keep Automattic’s wheels turning, and make WordPress.com the best it can be. In this installment, we’re delighted to introduce you to Happiness Engineer, photographer*, and beard enthusiast Steve Blythe — a.k.a. clickysteve. Thinking about applying to work at Automattic? We’re hiring.

* All photos below by Steve Blythe.

What’s your role at Automattic?

Steve Blythe, a.k.a., clickysteveSteve Blythe, a.k.a., clickysteve

I’m a Happiness Engineer, currently part of the affectionately titled PUG team. We look after all of the issues that Paid, Unpaid, and Gravatar users have, and try to make sure WordPress.com is the place to be.

One of the cool things about working at Automattic is the chance to get to try out new things, so in February I’ll be doing a couple of weeks with the ToS team. They handle all of the Terms of Service issues — such as DMCA notices, and defamation complaints. I’ve got a Law degree, and my Masters is in Internet Law & Policy, so it’s awesome to get the chance to work alongside a team that is doing so many cool things to stand up for digital rights.

Kerry Hay
scientology

What were you doing before Automattic? How did you get here?

Before Automattic I was the Digital Marketing Manager for a large independent software company in Scotland. I had been there since I was 16 — straight from school. Over those nine-ish years, I’d gone from first line technical support through to third, then on to eventually developing a digital strategy and implementing a slick new website before I left.

It was good fun, and it meant I got lots of exposure to different things that I would never have had the chance to elsewhere, but the corporate world was never one in which I fit very well. Tattoos, piercings, and often multi-coloured hair aside, my sleeping schedule means that I work best in the wee hours of the morning (1:00 a.m. — 3:00 a.m.), and so getting up to travel in to an office for 8:30 a.m. was always a bit of a struggle — no matter how many stimulants were consumed.

On top of that, there was a whole lot of different big changes happening in my life (not least of which involves the planning of a transatlantic marriage) which meant the time was ripe for something new — both in terms of fresh challenges, and also being somewhere that felt more closely aligned with who I am as a person. Luckily, I found Automattic.

What have you learned that you can share with WordPress.com users?

The web has brought about this amazing opportunity for people to express and share their thoughts on any topic imaginable, and then for those to be communicated to potentially millions of people. Major corporations and political powers are terrified of the effect the words of a single blogger can have — it’s a really exciting time.

You never know who is looking at what you write, and the effect that it might have. It can be tough sometimes to do what feels like speaking to an empty room, but what you have to say is valuable: get it out there.

8443269893_827a6bb746_b
2413724604_98c4bd765f_o

What do you most enjoy about your job?

I really feel like I’m amongst my people.

We can sit next to each other on our laptops and be comfortable, not have to speak a word aloud, share wine and donuts in a strange city, or (literally) be thousands of miles apart from each other, but we all have something intangible in common.

Nobody here cares what age you are, what hours you work, what you look like, or whatever else. People trust and respect you because you are passionate about the web, and are good at what you do; that’s it.

Grace Janssen
clicky steve

What advice would you offer to someone applying to work with us at Automattic?

I was one of the first of my generation to properly get into the web; spending all my free time reading up about network protocols, hanging about IRC servers, and chatting on coding forums. I felt at home on the internet, and was sure there must be more to that feeling than just being a bit socially weird.

Growing up in a wee town near Glasgow, Scotland, I would dream about one day being part of the exciting tech industry that was filled with people that got to work on shaping that online world that I loved so much. Despite feeling like I “got it,” and belonged there, I never had the courage to get the finger out and apply for things; I always thought I wasn’t quite ready.

When I read about Automattic, it sounded too much like my ideal job not to just have a bash, and I suddenly realized that the only thing stopping me from doing what I wanted to was myself. I sent off one email, and a couple of months later I’m sitting writing the responses to this interview from the headquarters of WordPress.com in San Francisco. How mental is that?

If you really feel at home on the web (and you’ll know if you do), and want to make it a better place, just go for it! Getting over your own initial mental insecurity is the hardest bit.

6504317577_483818f7a1_b
4353902398_0fa78b7aa6_o
4699807124_b960aa1724_b

Everyone who joins Automattic makes a short intro video so team members across the globe can learn a little bit about you. We think you’ll get a kick out of Steve’s video.

You may also enjoy Five Minutes with . . .

Krista | January 13, 2014 at 4:01 pm | Tags: AutomatticHiringSteve Blythe | Categories: Automatticbehind the scenes | URL: http://wp.me/pf2B5-60o

NSA Official Floats Amnesty For Snowden

Snowden

U.S.

The NSA official tasked with controlling the damage caused by Edward Snowden‘s intelligence leaks thinks that amnesty for the former NSA contractor should be on the table.

Rick Ledgett told CBS’ 60 Minutes that allowing Snowden’s return to the United States is “worth having a conversation about” if Snowden could prove that the massive amounts of data he took are contained from further leaks.

 

“I would need assurances that the remainder of the data could be secured and my bar for those assurances would be very high,” Ledgett said in the interview that aired Sunday night. “It would be more than just an assertion on his part.”

Ledgett said he wants to contain Snowden’s most dangerous documents, which contain information on how countries can protect against U.S. surveillance. “It’s the keys to the kingdom,” he said.

(MORE: Edward Snowden, Runner-Up For TIME Person of the Year

But Gen. Keith…

View original post 105 more words

Paul Walker Buried After Private Funeral

RIP
Bruthawesome!

Entertainment

The Fast & Furious star was laid to rest Saturday during a private funeral service for family and close friends in Los Angeles.

[People]

View original post

Ganges – The Life of the World

Published on Dec 10, 2012
“BEYOND” is an exclusive documentary featuring photographer Joey L. Set in Varanasi, India. The documentary by filmmaker Cale Glendening follows Joey and his assistant Ryan as they complete their latest photo series- “Holy Men.”

Almost every major religion breeds ascetics; wandering monks who have renounced all earthly possessions, dedicating their lives to the pursuit of spiritual liberation.Their reality is dictated only by the mind, not material objects. Even death is not a fearsome concept, but a passing from the world of illusion.

Created by: Cale Glendening, Joey L., Ryan McCarney
Directed by: Cale Glendening
Edit/Color: Chris Dowsett, Cale Glendening, Joey L., Megan Miller, John Carrington
Graphic/Titles: James Zanoni
Original Score: Stephen Keech,Tony Anderson
All Photographs: Joey L.
Guiding/Translation: Raju Verma, Tejinder Singh

Special Thanks: Jesica Bruzzi / BH Photo, Kessler Crane

SlideShare by WikiBrains

Selling Techniques

English: An example of an automated online ass...
English: An example of an automated online assistant. Further information is found in the Automated online assistant article in Wikipedia. (Photo credit: Wikipedia)

 

SALE
SALE (Photo credit: Gerard Stolk (vers l’Avent))

 

 

   

 

Is fear of selling keeping you from converting your prospects into buyers? Here are my top 10 techniques for squashing fear and transferring your confidence to create happy lifetime customers.  

 

  

 

Selling… probably one of the most feared words in the English language, right up there with public speaking. But if you’ve ever persuaded someone to see things from your point of view, you’re already a salesperson. Here’s how to nip the fear of selling in the bud.   

 

What are you afraid of? Fear of success, fear of failure, acceptance, judgment, what everyone thinks about you, your clothes, your haircut, the car you drive? You know what? Forget about it.

 

Fear has to do with punishment. Don’t worry, no one is going to punish you for having an ugly web site, or lousy selling techniques. You might not get many people converting to buyers, but how can you get good at something unless you practice?

 

If you think about it, fear is just an absence of love. The only cure is to add love and compassion. That’s why the first newsletter I wrote in the summer of ’99 was… love what you do. If you honestly add value and truly want to be of service and help people, it’s a far more abundant attitude than a mere sales mentality.

 

If you are truly helpful, people will want to buy from you. All you need to do, is transfer your confidence to them. That’s all selling is really. To make someone as comfortable about their choice as possible. But they won’t be confident if you’re not.

 

That’s why, you need to know as much as possible, about what you are selling. Suppose I come to you and say, “This where I am now, but this is where I want to be.”

 

That measure, or distance between the two, is your opportunity to make the sale. This is where it’s crucial to understand, which product will best fulfill my needs. Sometimes, it’s not your product. But I expect you to know that.

 

That’s one of the biggest mistakes that salespeople make. Going after the short term, or single sale, rather than building the lifetime value or relationship with the customer. That said, here are a few rules we can apply to conquer the fear of selling, whether it’s a product, service, or selling ourselves.

 

1) People love to buy, but hate to be sold. So sell what people want to buy, not what you want to sell. One road leads to riches, the other to poverty.

 

2) Believe in your product. Know the features and benefits. But also know when it’s not right for a particular situation. People will respect your honesty.

 

3) Say the right thing on a continual basis. Stick to the truth, what you’ve experienced, the facts, and first hand proof. Avoid hearsay or stories you’ve heard others tell. In other words, keep hype to a minimum, or better yet, remove it completely. Hype doesn’t work anymore, especially on customers less than 30 years old.

 

4a) Don’t use the tired phrases and wording that everyone else is using. They don’t work anymore. (Words and phrases like; skyrocket, through the roof, amazing, fantastic, incredible, outrageous, ground-breaking, special, time limited, never again, powerful, reveal, exposed, moneymaking, fortune, profit.)

 

4b) All of the words in the list above, should be permanently banned from your sales vocabulary – and your sales letters – if you want to reach todays buyers. Todays buyers have their hype meters on full alert, and are quick to say, “bullship” totally ignoring the rest of your message. In fact, these hype words are so associated with spam that they won’t even get past most email filters.

 

5) Go after the long term relationship, even turning away business that’s not a proper fit for you, your company, or your personality. If there’s something that bothers you about a prospect, even if its a small thing, it will seem 10 times bigger down the road. Choose your clients – your relationships – carefully.

 

6) Don’t train your customers to wait for a sale. Offer good value at a fair price at all times. Above all, offer exemplary customer service. People will always return to someone, or a place, that made them good.

 

7) Think service, not sales. Ask what you can give in any situation, not what you can get. Start by being compassionate towards your customer.

 

8) People buy on emotion and later use logic, to justify a purchase decision. If you appeal to the emotion, the end result, how something will make someone feel, focusing on benefits, or feelings, as opposed to features, your conversion rates will be much higher.

 

9) Sell what you know. For knowledge is certain, not mere perception. Help customers make a wise decision. Make them feel good about their decision, by transferring your confidence to them.

 

10) Finally, when the time is right, don’t be afraid to ask for the order, with a strong call to action. Say, “Can I wrap one of those up for you?” or “Would you like to take one home with you?” On your web site do the same thing, “Click here to have it delivered to your door.” or “Click here to download it to your computer immediately.”

 

Follow these top 10 techniques to squash your fear of selling, and you’ll be well on your way to more confidence, which when transferred to your prospect, will make them a happy customer. One that rewards your desire to learn, inform and serve, with a long term relationship, returning time and again, as a customer for life.

 

 

 

The next big thing in computers

Quantum Computer
Quantum Computer (Photo credit: jurvetson)
Quantum Computing for Google Goggles
Quantum Computing for Google Goggles (Photo credit: jurvetson)
Rose’s Law for Quantum Computers
Rose’s Law for Quantum Computers (Photo credit: jurvetson)
Image representing Google Docs as depicted in ...
Image via CrunchBase

Computing as we know it will change dramatically in the next decade. Digital computing has reached a potential limit in terms of power, size of chips, and ever-decreasing costs. Otherwise referred to as the end of the prediction called Moore’s Law, this is what we are facing, an arrested development as it were.

The other big thing on the horizon is cloud computing, where we substitute our hard drives of data for life on another server, in the cloud. Cloud computing offers computing as a network service, like the electricity grid, that we plug into to send and retrieve information. But here major privacy issues may erupt. After all the information is being sent to another’s server.

One savior for both challenges may be the quantum computer. A recent study published in Science finds that quantum computing may be perfect for the cloud. But having data “out there” on the Internet as opposed to in your hard drive at home brings up privacy risks. The solution recently laid out in the paper is called “blind quantum computing.”

But let’s back up and explain quantum computing.

Its advantage comes from a computational unit called a qubit. So in computers as we typically know them today, a digital bit of data can take the form of either a 0 or a 1. The fascinating and fortunate thing with quantum computing is that a qubit can be both 0 and 1 simultaneously. Quantum computing uses photons that are sent over long distances and have operations performed on them to encode the data.

Researchers are hopeful that qubits will be able to perform tasks we simply cannot do today with digital computing. Among the top most-wanted: The ability to protect and crack encrypted communication.

With quantum computing information can be sent via cloud services like Google Docs with privacy intact.

Essentially blind computing means the data can be worked and manipulated without ever being revealed.

Right now quantum computing and cryptography remain a distant reward limited to labs, but in this recent paper scientists believe we only need to find a way to make qubits at home, while the complicated work of quantum computing can be done securely in the cloud.

“Quantum physics solves one of the key challenges in distributed computing. It can preserve data privacy when users interact with remote computing centers,” Stefanie Barz of the University of Veinna and lead author of the study, said in a publicly released statement.

As explained in a recent piece from the BBC news:

A user would send single qubits – each perfectly secure – to a remote computer, along with a recipe for the measurements to be made.

The process is completely clear to the user – for example, finding all the numbers that multiply together to reach the number 2,012 – but because the number 2,012 is encrypted, the instructions appear to be a series of random steps on an unknown number.

The remote computer blindly “entangles” the unknown bits, carries out the steps, and sends the qubits back down the line, solving the problem without ever decoding what is going on.

The team built a system demonstrating that the approach works, using a number of computational steps that might make up future computing scenarios.

Essentially this means the person who produces the qubits knows their state (or entanglement) and can decipher the outcome. But the people who do the data processing will not be able to decode the qubits. Basically the data would look like a bunch of nonsensical commands.

This research is a good first step towards realizing a possibility of having quantum computing widely available to the public, within the realm of cloud computing. Although right now the only organizations that can afford quantum computing are governments, mega-corporations, or the military. At least these recent studies promise hyper-secure computing for such organizations.

Still what is not there is the hyper-powerful quantum computer itself, although as the BBC noted earlier this January a computer could deal with 84 qubits at once. Scientists note in the abstract: This computation is the largest experimental implementation of a scientifically meaningful quantum algorithm that has been done to date.

Cost, size and complexity all need to significantly decrease, however, before quantum computing can become a reality in the consumer cloud.

2012 – tribute to STEVE JOBS

English: Apple director Steve Jobs shows iPhone
English: Apple director Steve Jobs shows iPhone (Photo credit: Wikipedia)
Steve Jobs inspiration poster
Steve Jobs inspiration poster (Photo credit: MarkGregory007)
Image representing Steve Jobs as depicted in C...
Image via CrunchBase

THE FIVE DRAGONS & Steve Jobs

Troubleshooting Windows Update

The Windows family tree.
The Windows family tree. (Photo credit: Wikipedia)
Image representing Windows as depicted in Crun...
Image via CrunchBase

Troubleshooting Windows Update:

The error messages generated while using the Windows Update site can be used to determine where the problem is occurring. Windows Update error messages can be viewed in two locations; they are displayed on the Windows Update site when the error occurs and are also entered into the WindowsUpdate.log file.

The following table lists the basic format.

Collapse this tableExpand this table

Date Time PID TID Component Text
2005-06-01 18:30:03 992 810 Misc = Logging initialized
2005-06-01 18:30:03 992 810 Misc = Process:
2005-06-01 18:30:03 992 810 Misc = Module:

The WindowsUpdate.log file is located in the %SystemRoot% directory, which is usually C:\Windows. It is important to note that there are two similarly named log files, WindowsUpdate.log is the version 5 log file, while Windows Update.log is the version 4 log file. For quick access to this file, click on Start /Run and type WINDOWSUPDATE.LOG and click OK.

To determine where an error has occurred by looking up the error code in the table below. The beginning segment will identify what Windows Update process returned the error. Once you have identified the error code and determined where it is being generated you can look up the error text in the spreadsheet for a more detailed description.

Error Prefix Process
0x8DDD???? Windows Update Web Site
0x18?????? Windows Update Web Site
0x800700?? Windows Update Web Site
0x8024???? WUS Controls (Scan for Updates)
0x8019???? Background Intelligent Transfer Service (BITS)
0x8020???? Background Intelligent Transfer Service
0x8007F??? update.exe installer
0xC???????? Corruption in C:\windows\softwaredistribution\datastore

Using the error code received from the log file, you can search for articles from Microsoft website.

Troubleshooting Windows Service Startup Problems

If you cannot start the services tool, configure the service to use the built-in system account using the following steps:

  1. Start Registry Editor (Regedit.exe).

Important: This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs.

  1. Locate the ObjectName value in the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ServiceName

  1. On the Edit menu, click Modify.
  2. In the Value Data box, type localsystem, and then click OK.
  3. Quit Registry Editor.
  4. Attempt to restart the service. You may need to restart the computer for some services to restart properly.

Note: If you cannot start Registry Editor, you can modify the service account information by performing a parallel installation.

Troubleshooting Windows Firewall

While troubleshooting Windows Firewall, follow the basic rules mentioned below:

  1. Windows Firewall can be enabled or disabled only by administrators. It can be enabled or disabled by a Local Security Policy or Group Policy, as well—sometimes preventing access even by a local administrator.
  1. To share printers and files on a local computer that is running Windows Firewall, you must enable the File And Printer Sharing exception.
  1. If the local computer is running a service, such as a Web server, FTP server, or other service, network users cannot connect to these services unless you create the proper exceptions in Windows Firewall.
  1. Windows Firewall blocks Remote Assistance and Remote Desktop traffic by default. You must enable the Remote Desktop and/or Remote Assistance exceptions for remote users to be able to connect to a local computer with Remote Desktop or Remote Assistance.

Follow these steps to diagnose problems:

  • To verify that TCP/IP is functioning correctly, use the ping command to test the loopback address (127.0.0.1) and the assigned IP address.
  • Verify the configuration in the user interface to determine whether the firewall has been unintentionally set to Off or On with No Exceptions.
  • Use the netsh commands for Status and Configuration information to look for unintended settings that could be interfering with expected behavior.
  • Determine the status of the Windows Firewall/Internet Connection Sharing service by typing the following at a command prompt:

sc query sharedaccess

(The short name of this service is SharedAccess.) Troubleshoot service startup based on the Win32 exit code if this service does not start.

  • Determine the status of the Ipnat.sys firewall driver by typing the following at a command prompt:

sc query ipnat

This command also returns the Win32 exit code from the last start try. If the driver is not starting, use troubleshooting steps that would apply to any other driver.

  • If the driver and service are both running, and no related errors exist in the event logs, use the Restore Defaults option on the Advanced tab of Windows Firewall properties to eliminate any potential problem configuration.
  • If the issue is still not resolved, look for policy settings that might produce the unexpected behavior. To do this, type GPResult /v > gpresult.txt at the command prompt, and then examine the resulting text file for configured policies that are related to the firewall

Windows Firewall Troubleshooting Tools

Windows XP with SP2 provides the following tools for troubleshooting Windows Firewall issues:

  • Netsh firewall show commands
  • Audit logging
  • Windows Firewall logging file
  • The Services snap-in
  • The Event Viewer snap-in
  • The Netstat tool

Netsh Firewall Show Commands

To obtain information when troubleshooting Windows Firewall, use the following netsh commands:

netsh firewall show state verbose=enable

This command displays the actual state of Windows Firewall for the current set of settings, as configured by the combination of local Windows Firewall settings and Group Policy-based Windows Firewall settings, and the current set of open ports.

netsh firewall show config verbose=enable

This command displays only the local Windows Firewall settings as configured by local settings. Note that unlike the netsh firewall show state verbose=enable command, this command only shows what is configured locally, rather than the current state of the Windows Firewall. You can use this command when you want to compare what is configured locally to the actual state of Windows Firewall, to determine the changes in Windows Firewall settings due to Group Policy.

Audit Logging

To track changes that are made to Windows Firewall settings and to see which applications and services asked Windows XP to listen on a port, you can enable audit logging and then look for audit events in the security event log.

To enable audit logging on a computer running Windows XP with SP2, do the following:

  1. Log on using an account that is a local administrator.
  1. From the Windows XP desktop, click Start, click Control Panel, click Performance and Maintenance, and then click Administrative Tools.
  1. In Administrative Tools window, double-click Local Security Policy Shortcut.
  1. In the console tree of the Local Security Settings snap-in, click Local Policies, and then click Audit Policy.
  1. In the details pane of the Local Security Settings snap-in, double-click Audit policy change. Select Success and Failure, and then click OK.
  1. In the details pane of the Local Security Settings snap-in, double-click Audit process tracking. Select Success and Failure, and then click OK.
  1. Close the Local Security Settings snap-in.

You can also enable audit logging for multiple computers in an Active Directory® directory service domain using Group Policy by modifying the Audit policy change and Audit process tracking settings at Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy for the Group Policy objects in the appropriate domain system containers.

Once audit logging is enabled, use the Event Viewer snap-in to view audit events in the security event log.

Windows Firewall uses the following event IDs:

  • 848 – Displays the startup configuration of Windows Firewall.
  • 849 – Displays an application exception configuration.
  • 850 – Displays a port exception configuration.
  • 851 – Displays a change made to the application exceptions list.
  • 852 – Displays a change made to the port exceptions list.
  • 853 – Displays a change made to the Windows Firewall operation mode.
  • 854 – Displays a change made to Windows Firewall logging settings.
  • 855 – Displays a change made to ICMP settings.
  • 856 – Displays a change made to the Prohibit unicast response to multicast or broadcast requests setting.
  • 857 – Displays a change made to the Remote Administration setting.
  • 860 – Displays a change made to a different profile.
  • 861 – Displays an application attempting to listen for incoming traffic.

Windows Firewall Logging File

To determine whether a specific computer is dropping packets, enable Windows Firewall logging, either on an individual computer or through Group Policy settings. Then, check the Windows Firewall log file for entries that correspond to the suspected traffic.

The Pfirewall.log file, stored by default in your main Windows folder, records either discarded incoming requests or successful connections based on the Security Logging settings on the Advanced tab in the Windows Firewall component of Control Panel or through the Windows Firewall: Allow logging Group Policy setting. You can use the contents of the Pfirewall.log file to determine whether traffic is reaching the computer on which Windows Firewall is enabled without having to create an exception or enable ICMP traffic.

For example, when you select the Log dropped packets check box, all incoming traffic that is discarded by the firewall is logged in the Pfirewall.log file. You can view this file by double-clicking it in your main Windows folder with Windows Explorer. Use the contents of the log file to determine whether traffic reached your computer and was discarded by Windows Firewall.

The Services Snap-in

You use the Services snap-in to check the status of services (programs running on your computer that provide capabilities to other application programs you might run). For Windows Firewall troubleshooting, use the Services snap-in to check the status and properties of the Windows Firewall (WF)/Internet Connection Sharing (ICS) service. Once Windows Firewall has been enabled, the Windows Firewall (WF)/Internet Connection Sharing (ICS) service in the Services snap-in should be started and configured to automatically start. To use the Services snap-in for Windows Firewall troubleshooting, do the following:

  1. Click Start, click Control Panel, click Performance and Maintenance, click Administrative Tools, and then double-click Services.
  2. In the details pane of the Services snap-in, double-click the Windows Firewall (WF)/Internet Connection Sharing (ICS) service.

Startup type should be set to Automatic and the Service status should be Started.

The Event Viewer Snap-in

If the Windows Firewall (WF)/Internet Connection Sharing (ICS) service is unable to start, then it adds entries to the system event log with information about why it could not start. Additionally, audit log events corresponding to changes in Windows Firewall configuration and program requests to open ports are stored in the security event log. To view the system or security event logs, use the Event Viewer snap-in.

To view the entries in the system or security event logs with the Event Viewer snap-in, do the following:

  1. Click Start, click Control Panel, click Performance and Maintenance, click Administrative Tools, and then double-click Event Viewer.
  1. To look for error events for the Windows Firewall (WF)/Internet Connection Sharing (ICS) service, click System in the console tree of the Event Viewer snap-in.
  1. In the details pane of the Event Viewer, look for Error events.
  1. To look for audit events corresponding to applications or service attempting to open ports, click Security in the console tree of the Event Viewer snap-in.
  1. In the details pane of the Event Viewer, look for events with the event IDs 849, 850, and 861.

The following figure shows an example of an audit event in the security event log.

The Netstat Tool

The Netstat tool displays a variety of information about active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, and IPv4 and IPv6 statistics. In Windows XP with SP2, the Netstat tool supports a new –b option that displays the set of components by file name that are listening on each open TCP and UDP port.

In Windows XP with SP1 and Windows XP with SP2, you can use the netstat –ano command to display the complete set of ports being listened to in numerical form and their corresponding process IDs (PIDs). You can then look up the PID in the display of the tasklist /svc command to discover the name of the process that owns the port. However, in some cases, there are multiple services within a single process and it is not possible with the netstat –ano command to determine which service within the process owns the port.

With the netstat –anb command, Netstat displays the complete set of TCP or UDP ports in numerical form, the file names corresponding to the components of the service that owns the port, and the corresponding PIDs. From the file names and the PID, you can determine which of the services in the display of the tasklist /svc command opened the port.

Troubleshooting Registry Corruption

When registry is corrupt, you may encounter different error messages such as

Windows XP could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SYSTEM

Or

Windows XP could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SOFTWARE

Recovery Steps

To restore the computer to a stable condition, perform the following actions:

  1. Use Repair Hives: Replace current registry hives with those from %windir%\Repair.
  2. Boot the Computer to Safe Mode: boot to Safe Mode in order to access the Restore Point registry files easily.
  3. Obtain Restore Point Hives: Retrieve registry hive files from a recent Restore Point and place them in a folder under %windir%.
  4. Use Restore Point Hives: Replace current registry hives with those from the folder created in the previous step.

The steps for each of these actions are given below in detail:

Use Repair Hives

The best currently accessible registry files are in the %windir%\repair directory. These need to be copied to the %windir%\system32\config folder, after renaming the files currently in place. The steps in this section should enable the computer to boot, but applications installed since the Repair registry hives were last saved will likely not function.

Use the following steps:

  1. At the Recovery Console command prompt, type the following lines, pressing ENTER after you type each line:

cd \windows\system32\config

ren system system.old

ren software software.old

ren SAM SAM.old

ren security security.old

ren default default.old

cd \

cd windows\repair

  1. This next step checks the date and time on the files in the Repair folder. It is important to determine how recently these files were updated. They could be unchanged since Windows XP was originally installed. In order to check the date and time of the files, type DIR.
  2. Note the date the files were modified for use later.
  3. Continue with the copy of files from the Repair folder to the Config folder using the following commands:

copy system C:\windows\system32\config\system

copy software C:\windows\system32\config\software

copy sam C:\windows\system32\config\sam

copy security C:\windows\system32\config\security

copy default C:\windows\system32\config\default

  1. Type exit and restart the computer

Boot the Computer to Safe Mode

You may be unable to log on to the computer in Normal Mode at this point. This can occur because the local user account passwords have been reset to the point at which the Repair registry hives were last saved.

In the event that you cannot log on, use the Administrator account, which does not have a password set by default.

Obtain Restore Point Hives

After gaining access to Windows, you can now make copies of the more recent registries from the Restore Point folders created by System Restore. To do this, use the following steps:

  1. Start Windows Explorer.
  2. On the Tools menu, click Folder options.
  3. Click the View tab.
  4. Under Hidden files and folders, click to select Show hidden files and folders, and then click to clear the Hide protected operating system files (Recommended) check box.
  5. Click Yes when the dialog box that confirms that you want to display these files appears.
  6. Double-click the drive where you installed Windows XP to display a list of the folders. If is important to click the correct drive.
  7. Open the System Volume Information folder. This folder is unavailable and appears dimmed because it is set as a super-hidden folder.

Note: This folder contains one or more _restore {GUID} folders such as “_restore{87BD3667-3246-476B-923F-F86E30B3E7F8}”. If you receive the following error message, use the steps below to add the current user to the permissions for the folder. Otherwise proceed

to step 8 below.

C:\System Volume Information is not accessible. Access is denied.

  1. Open My Computer, right-click the System Volume Information folder, and then click Properties.
  2. Click the Security tab, which will display an interface such as that shown below.
  1. Click Add, and then type the name of the current user. This is the account with which you are logged on.
  2. Click OK, and then click OK.
  3. Double-click the System Volume Information folder to open it.
  1. In the GUID folder, open a folder that was created recently. You may need to click Details on the View menu to see when these folders were created. There may be one or more folders starting with “RP x” under this folder. These are restore points.
  1. Open one of these folders to locate a Snapshot subfolder. The following path is an example of a folder path to the Snapshot folder. Also see for an image of a Snapshot folder:

C:\System Volume Information_restore{D86480E3-73EF-47BCA0EB-

A81BE6EE3ED8}\RP1\Snapshot

  1. From the Snapshot folder, copy the following files to the C:\Windows\Tmp folder:

REGISTRY_USER.DEFAULT

_REGISTRY_MACHINE_SECURITY

_REGISTRY_MACHINE_SOFTWARE

_REGISTRY_MACHINE_SYSTEM

_REGISTRY_MACHINE_SAM

  1. Rename the files in the C:\Windows\Tmp folder as follows:

Rename REGISTRY_USER.DEFAULT to DEFAULT

Rename _REGISTRY_MACHINE_SECURITY to SECURITY

Rename _REGISTRY_MACHINE_SOFTWARE to SOFTWARE

Rename _REGISTRY_MACHINE_SYSTEM to SYSTEM

Rename _REGISTRY_MACHINE_SAM to SAM

Use Restore Point Hives

Now these registry hive files can be copied to the proper location for use by the system. To do this, return to Recovery Console.

  1. At the command prompt, type the following lines, pressing ENTER after you type each line:

cd system32\config

ren sam sam.rep

ren security security.rep

ren software software.rep

ren default default.rep

ren system system.rep

copy c:\windows\tmp\software

copy c:\windows\tmp\system

copy c:\windows\tmp\sam

copy c:\windows\tmp\security

copy c:\windows\tmp\default

  1. Type exit to quit Recovery Console. Your computer restarts

The computer should start in Normal Mode, and the most recent passwords should be functional again and the final state of the computer has matching files and registry configuration.